Giter Club home page Giter Club logo

decade-p2p's Introduction

slyther

Slyther is an encrypted peer-to-peer messaging platform written in Python. Slyther employs the pycryptodome library for its cryptographical needs.

Created as a project-based learning venture because I wanted to design an application-layer protocol and learn how to use sockets and encryption.

Disclaimer

I make no claims regarding the security of this program. While it is encrypted, I may have made some errors blatant to the average cryptanalyst. Pycryptodome may also have vulnerabilities I am unaware of. Do not trust this program with anything remotely important. No personal information, no credit cards, no SSNs. I am not responsible for damages incurred by the improper usage of slyther or slyther-server.

If you notice that I'm making a severe mistake with the security of this program, please let me know. This has been purely a learning experience for me, and if you can provide more lessons for me to learn about this topic, please let me know!

Quickstart

# Install dependencies
python -m pip install -r requirements.txt

# Start server in one terminal
./slyther-server

# Start client in another terminal
./slyther

Screenshots

Main Menu

menu

Server Log

serverlog

Viewing a Conversation

conversation

Protocol

Given that Alice (A) wants to send Bob (B) a message through slyther, three steps take place. Slyther uses a mixture of RSA with OAEP and AES-128-EAX to encrypt messages, and SHA512 hashes (with RSA) for digital signatures.

  1. Public Key Exchange
    1. Alice sends Bob her public key (plaintext, since public keys are not secret)
    2. Bob checks this public key against a fingerprint shared over a trusted channel (fingerprints not yet implemented)
    3. Given that Alice's key is trusted, Bob sends his public key to Alice (again, in plaintext)
  2. Session Key Creation and Delivery
    1. Alice then creates a 128-bit AES session key for her message
    2. Alice encrypts this key with Bob's public key and sends the RSA-encrypted key to Bob
    3. Alice signs the SHA512 hash of the key
    4. Alice encrypts this signature with the AES key and sends the AES-encrypted signature to Bob
  3. Message Delivery
    1. Alice encrypts her message with the AES key and sends the encrypted message to Bob
    2. Alice signs the SHA512 hash of her message, encrypts it with the AES key, and sends it to Bob

Acknowledgements

Big thanks to Hedde van der Heide and Adam Rosenfield for their StackOverflow answer on sending and receiving large messages over sockets

decade-p2p's People

Contributors

ajstensland avatar rmccorm4 avatar rikogercke avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.