Skip to content
Gordon Chiang edited this page Dec 4, 2021 · 31 revisions

Please refer to the README.md for instructions on how to run the Secure Messaging Application.

See the below implementation notes for detailed technical specifications and explanations for how each requirement is implemented.

Requirements Result Implementation Notes
SM must support 1:1 messaging and may support group chats (that’s optional) 1:1 messaging supported Application Networking
Text messages as well as pictures should be supported Integrated GUI for displaying text and image messages Application Networking
Message history is kept in encrypted form (at-rest encryption) Message history is encrypted and stored locally Message History
Message history (for a particular conversation) can be deleted by a user Users can delete their locally stored message history Message History
Message transport uses end-to-end encryption with perfect forward secrecy Messages are end-to-end encrypted with AESGCM and a shared key derived using Diffie-Hellman Message Encryption
Users are authenticated (i.e., they should be guaranteed to talk to the right person) Clients connect via TLS to the server and server authenticates client with user credentials (username and password) Application Networking
Message integrity must be assured Messages are encrypted with AESGCM which provides built-in message integrity checking Message Encryption
Users can plausibly deny having sent a message Messages are encrypted with AESGCM using a shared key which is known to both users allowing either to plausibly deny sending the message Message Encryption
Users can sign up for an account and also delete their account Users can register a new account or delete an existing account with a username and password Account Management
SM must be implemented in Python Secure Messaging Application is implemented in Python See README.md

High level DFD: Data Flow Diagram of the Secure Messaging Application

Clone this wiki locally