home
Please refer to the README.md for instructions on how to run Secure Messaging Application.
See the below implementation notes for detailed technical specifications and explanations for how each requirement is implemented.
| Requirements | Result | Implementation Notes |
|---|---|---|
| SM must support 1:1 messaging |
1:1 messaging supported | Application Networking |
| Text messages as well as pictures should be supported | Integrated GUI for displaying text and image messages | Application Networking |
| Message history is kept in encrypted form (at-rest encryption) | Message history is encrypted and stored locally | Message History |
| Message history (for a particular conversation) can be deleted by a user | Users can delete their locally stored message history | Message History |
| Message transport uses end-to-end encryption with perfect forward secrecy | Messages are end-to-end encrypted with AESGCM and a shared key derived using Diffie-Hellman | Message Encryption |
| Users are authenticated (i.e., they should be guaranteed to talk to the right person) | Clients connect via TLS to the server and server authenticates client with user credentials (username and password) | Application Networking and Account Management |
| Message integrity must be assured | Messages are encrypted with AESGCM which provides built-in message integrity checking | Message Encryption |
| Users can plausibly deny having sent a message | Messages are encrypted with AESGCM using a shared key which is known to both users allowing either to plausibly deny sending the message | Message Encryption |
| Users can sign up for an account and also delete their account | Users can register a new account or delete an existing account with a username and password | Account Management |
| SM must be implemented in Python | Secure Messaging Application is implemented in Python | See README.md and source code |
High level DFD:
