These keys cannot be reconstructed even with the knowledge of the second layers decrypted network traffic and the secret passwords. Shared ECDH keys are combined with the provided channel passwords, which results in unique and one-time encryption keys between the parties. Once the server connection is secured, it joins the given channel and starts building up end-to-end encrypted layers with each individual member (using ECDH for key exchange and ChaCha20- Poly1305 for ciphering).
This second layer also prevents transparent proxies (with their own CA certificates installed on the client) from inspecting their communication. During key exchange, messages from the server are RSA-signed and verified by the client to make sure it is not connecting to a forged destination. Then they create an additional encrypted layer, using ECDH for key exchange and AES-256 for ciphering. The client application establishes a WebSocket (over TLS) connection with the chat server. Real-time messaging - Each piece of data is exchanged immediately between the parties nothing is queued or stored, even for a single second. Outstanding privacy - Conversations can happen without providing any personal detail or account. Triple encryption - Two additional security layers protect messages, on top of the standard TLS protocol. We have created a unique solution which does not require any sort of data storage and makes sure that messages cannot be decrypted even with the complete knowledge of the server contents, network traffic, and provided secret passwords. Our goal was to create an anonymous chat platform which can be used safely over inspected infrastructures so that conversations cannot be recovered even if the server has been seized or one of the participants has been questioned. It does not try to replace popular messaging applications, but instead to provide an alternate, secure channel for confidential discussions.
:origin()/pre14/79f9/th/pre/i/2011/008/f/b/gentleman_by_sakkarra_ookami-d36qtox.jpg "reddit qtox")
No databases, no accounts, no chat logs.Īimed for anyone who wants to be sure that their conversations are kept private and prefers more security over fancy features. CHATCRYPT The Secure Channel Welcome to ChatCryptĪn end-to-end encrypted group chat that doesn't store anything in the cloud.
0 kommentar(er)
