Best explanation of encryption that I have ever heard! Clear, simple, and concise!
exactly what I was looking for, keep up the good work.
This guy kinda looks like Michael Scofield from Prison Break. But the topics and his style of explaining both are really good.
He should show us his back just in case
thank you so much man,
I use your code for my college project
about public key cryptography
thesis?
Hello sir, if your project is over then can you share?
Great explanation and practical code. Thanks :)
love it! great explanation man
Can I ask something? If I have the client on one PC and the server on the other, so they are in 2 different files, and to receive messages I need to decrypt them with the private key which is not shared between client and server and only the server has, how do I receive messages on the client?
There are 4 keys total in this example. The server has a public and private key and so does the client. All the scripts do is connect to each other and exchange public keys before sending and receiving messages. Each instance only has their respective public and private keys until they connect to each other and store the other's public key.
very good explanation, thanks
Great video! I have a question: what if some third party will be able to intercept the public keys? I'm talking about the man-in-the-middle (MITM) problem. How to deal with that kind of threat?
Only the public key is sent. To decode it you need the private key. In a full solution the two sides exchange public keys and then use the other side's public key to send, and their own private key to decode the received messages. In a MITM attack the attacker could replace the public keys and then decode each message with their own private key and then re-encode the message with the original public key, but this can be detected by including a copy of the public key, or something derived from it, in an encoded message so that the key the receiver is using is different to this new copy since the attacker had to replace the original.
Look into Diffie Hellman key exchange.
@steves9250 I just got done with a 3 week course for Sec+ course the Army put me through. You're giving me flashbacks! 😝
@steves9250 The MITM only needs enough packets to break the encryption.
use https socks 5 and ssl port 443 add AES encryption with a SHA 256 hash 128b as your keys,
To further add security create a firewall which controls incoming and outgoing traffic,
make sure you get your logs game tight
This should ensure End to End encryption in the manner you are seeking
here is an example of how you can start off:

    import socket
    import ssl
    import threading

    import rsa
    from Crypto.Cipher import AES
    from Crypto.Random import get_random_bytes

    public_key, private_key = rsa.newkeys(1024)
    public_partner = None
    aes_key = get_random_bytes(16)  # replaced on the joining side by the host's key

    choice = input('Do you want to host (1) or join a chat (2)? ')
    IP = input('Enter the IP of the server: ')
    PORT = int(input('Enter the port of the server: '))

    if choice == '1':
        # The host needs a server-side TLS context with its certificate and key.
        context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
        context.load_cert_chain(certfile='path/to/certfile', keyfile='path/to/keyfile')
        server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        server.bind((IP, PORT))
        server.listen()
        client, _ = server.accept()
        client = context.wrap_socket(client, server_side=True)
        client.send(public_key.save_pkcs1('PEM'))
        public_partner = rsa.PublicKey.load_pkcs1(client.recv(1024), 'PEM')
        encrypted_aes_key = rsa.encrypt(aes_key, public_partner)
        client.send(encrypted_aes_key)
    elif choice == '2':
        # The joining side needs a client-side context that trusts the host's
        # certificate; the certificate must list the name or IP entered above.
        context = ssl.create_default_context(cafile='path/to/certfile')
        client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        client = context.wrap_socket(client, server_hostname=IP)
        client.connect((IP, PORT))
        public_partner = rsa.PublicKey.load_pkcs1(client.recv(1024), 'PEM')
        # Send our public key before waiting for the AES key; the host cannot
        # encrypt the AES key until it has received it.
        client.send(public_key.save_pkcs1('PEM'))
        encrypted_aes_key = client.recv(1024)
        aes_key = rsa.decrypt(encrypted_aes_key, private_key)
    else:
        exit()

    def sending_messages(c):
        while True:
            message = input('')
            cipher = AES.new(aes_key, AES.MODE_EAX)  # fresh random 16-byte nonce
            ciphertext, tag = cipher.encrypt_and_digest(message.encode())
            # The receiver needs the nonce, so the frame is nonce + ciphertext + tag.
            c.send(cipher.nonce + ciphertext + tag)
            print('You: ' + message)

    def receiving_messages(c):
        while True:
            data = c.recv(1024)
            cipher = AES.new(aes_key, AES.MODE_EAX, nonce=data[:16])
            message = cipher.decrypt_and_verify(data[16:-16], data[-16:])
            print('User:' + message.decode())

    threading.Thread(target=sending_messages, args=(client,)).start()
    threading.Thread(target=receiving_messages, args=(client,)).start()

Great tutorial! Congrats
Great tutorial, I wonder can we send a message to someone over the internet just by using Socket and P2P?
Thank you for all the valuable content!
Do one with ssl please, having a hard time just validating the certificate
the matlab joke made me crack lmao
Any idea how to get around the (Super Long Message Error) at the end?
I am a bit late but you can increase the number of bits from 1024 to some big numbers to handle large messages
@abdullahmalik3818 Awesome, I will give it a try. Thanks!
This is great as I can use it to show implementation of Encryption.
However, is it only RSA I can use for this? I want to build a secure messaging protocol as school project. Can I use any encryption or it has to be RSA. Also if you have any tips or suggestions for this project, I'd really appreciate. Thanks
RSA is widely used and it's considered more safe as compared to others
Stay Blessed Man. Tnx Alot
Very cool! Thanks.
HTML for iPhone possible 14:39
Why doesn't the sending message function work? Please, what can I do?
Hi neural I have been following your videos and you are really very specific. I have a problem with this chat, client and server only communicate if I'm on the same network.
How do I make the client and server communicate across external networks as well?
I tried port forwarding to open my port, entering the local IP and, in the client, the public IP, but it doesn't connect, and I can't figure out the problem...
same here, I think you have to enable some settings in your wifi router on the server side and make sure to use the device which is running the server has its IP address
Great video and content!
Just one observation: I don't know if it was on purpose or not, but you didn't inspect the first package sent between the 2 chats when you launch with option 1 and 2 (the exchange of the keys).
I'm not sure how that works and haven't tried this simple implementation yet, but I believe the 2 keys were exchanged in clear text (correct me if I'm wrong :D ) which means that someone catching the 2 keys exchanged could use it to decrypt the messages.
A suggestion for a video would be how to improve this by exchanging keys with the Diffie-Hellman method.
Keep up the good work!
You can't use public keys to decrypt messages, only to encrypt them. The Diffie-Hellman method doesn't protect against man in the middle attacks. You would need to add another layer of security to verify the users' identities.
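One form the identity-verification layer mentioned in the replies above can take is pinning a fingerprint of the peer's public key that was learned over a separate channel, and refusing a handshake whose key does not match. This is an added example, not code from the video or from any commenter; `fingerprint`, `PeerKeyPins`, `to_pem` and the sample keys are hypothetical names and constructed data.

```python
import base64
import hashlib
import hmac

def fingerprint(pem: bytes) -> str:
    """SHA-256 of the key's DER body, so PEM line wrapping does not change it."""
    body = b"".join(
        line.strip() for line in pem.splitlines()
        if line.strip() and not line.startswith(b"-----")
    )
    return hashlib.sha256(base64.b64decode(body, validate=True)).hexdigest()


class PeerKeyPins:
    """Trust-on-first-use store (peer name -> fingerprint), like SSH known_hosts."""

    def __init__(self, pins=None):
        self.pins = dict(pins or {})

    def check(self, peer: str, received_pem: bytes) -> str:
        seen = fingerprint(received_pem)
        pinned = self.pins.get(peer)
        if pinned is None:
            self.pins[peer] = seen   # show `seen` to the user to compare out of band
            return "first-use"
        if hmac.compare_digest(pinned, seen):
            return "match"
        return "mismatch"            # key differs from the pinned one: stop the handshake


def to_pem(der: bytes) -> bytes:
    # Constructed stand-in for the bytes public_key.save_pkcs1('PEM') puts on the wire.
    return (b"-----BEGIN RSA PUBLIC KEY-----\n" + base64.encodebytes(der)
            + b"-----END RSA PUBLIC KEY-----\n")


# Constructed sample data, not real keys.
HOST_KEY = to_pem(b"constructed host key bytes " * 5)
OTHER_KEY = to_pem(b"constructed substituted key bytes " * 5)


def demo():
    # The host's fingerprint was obtained over a separate channel beforehand.
    pins = PeerKeyPins({"host": fingerprint(HOST_KEY)})
    return [pins.check("host", HOST_KEY), pins.check("host", OTHER_KEY),
            pins.check("new-peer", OTHER_KEY), pins.check("new-peer", HOST_KEY)]

if __name__ == "__main__":
    print(demo())
```

A "first-use" result is only as trustworthy as the first connection, so the displayed fingerprint still has to be compared with the peer through some other channel.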
thank u so much u are the best
Thanks)))
It's really interesting, you already showed how to send a message but still a good video... can you do a video where you create a mini rhythm game?
awesome video
How do I connect with another network?
Cool !
how can i do MITM in this?
where can i get source code
thank you sir
source code????
It’s like three lines of code. Just type it
REQUEST!!!!: Can u pleaseeeeeeeeeeeeeeeeeee give me the code
Where is the source code?
Everything you claim is true, the chat is encrypted. It's a shame it's not also secure. :(
Where's the GitHub for this please? I wanna test it out.