SourceForge has been redesigned. Learn more.

#18 Add Conference Room Encryption


The ability to initiate a conferece with several users who
have GAIM Encrypt installed and carry on an encrypted
conversation so that all the users could read and write. I
can think of two possible ways to facilitate this:
A) The sender would have to encrypt the message to
each person in the conference room
B) The first person who chats would have to create a
symmetric key that would be sent to all users using
public/private. Then all messages would have to be
encrypted and decrypted with the symmetric key.

Any other ideas on how to do this?


  • Bill Tompkins

    Bill Tompkins - 2004-08-12
    • priority: 5 --> 3
  • Bill Tompkins

    Bill Tompkins - 2004-08-12

    Logged In: YES

    I've thought about this a bit in the past, and think that
    (B) would be the way to go. Distributing that symmetric key
    (call it Ks) would be the difficulty.... When someone joins
    the chat, does another client automatically send them the
    key? If so, which client does? And what if Mallory joins
    the channel for a second, gets the key, then leaves... he
    still has the key, so he can listen in on his network
    sniffer, so you probably want to regenerate the key when
    someone leaves chat.

    All in all, I think it's a pretty neat problem to solve
    cleanly, but also a rather big effort, as it would be
    completely different from the current encryption scheme. I
    just don't have time to work on it now. Maybe if I get
    fired, I'll have time to work on fun projects like that :)

  • Nobody/Anonymous

    Logged In: NO

    They're both fairly standard ideas for encrypted broadcast
    communication. Since AIM traffic is pretty low-bandwidth,
    (A) would probably be fine, and presumably take less effort
    to implement. However, large groups could cause problems.
    I don't ever use the chat feature so I have no idea how
    large the groups tend to get. The symmetric group key idea
    is probably the right way to do it, but more of a pain to

  • Bill Tompkins

    Bill Tompkins - 2005-06-08

    Logged In: YES

    In the #gaim chat room on irc, there are frequently >100
    people, so chat groups do get pretty big sometimes. Now,
    why exactly you need encryption for a public forum like that
    is another question :)

  • rob

    rob - 2006-02-14

    Logged In: YES

    A friend of mine and I had thought about adding this
    functionality to gaim-encryption. The solution we came up
    with was neither A) nor B) but a third option.

    The assumption that a chat room is either by invite or
    public and thus you _want_ everyone in the room to be able
    to hear but not eavesdroppers as the communication is
    sent/received we though the most efficient way to solve this
    problem would be to decrypt the message w/ your own private
    key to be encrypted by all receivers in the room with your
    public key to obtain the text.

    It is analogous to digitally signing an email [according to
    my limited knowledge] anyone with your public key can
    decrypt the information [which is rather unsecure] but if
    your only concern is encrypted network travel you should be


Log in to post a comment.