[Quorumchat-development] Rough design draft
Secure chat and file sharing application.
Status: Planning
Brought to you by:
slicer69
From: Jesse S. <jes...@ya...> - 2012-06-15 15:42:45
This is my rough draft of the design of the chat/file application. Please feel free to post suggestions, questions, etc.

Secure chat message and file sharing software outline. Working title “Quorum”

What? – Big picture

Quorum is to be a secure chat and file sharing service with a focus on peer-to-peer communication. This will allow users to exchange messages and files privately.

Why?

The Arab protests and similar protests around the globe have shown there are times when people may wish to communicate peacefully and discreetly. Governments all around the world have established laws (or are in the process of adopting laws) which would allow them to monitor, track and use network communications as evidence. In order to assist law-abiding citizens to communicate privately we hope to create a secure method of communication which will not require any foreknowledge of encryption, security certificates or networking protocols. The application(s) should “just work” for the end user.

How? -- Big picture

Quorum will be divided into two pieces, a server and a client. The server will have the fairly simple jobs of:

1. Maintaining a list of connected clients.
2. Initiating the handshake between two clients.
3. Passing messages between clients when they are unable to communicate directly due to firewalls or filtering software.

The clients will have the ability to send messages to other clients, either directly or (if direct contact is not possible) they will talk through a server. Clients should also be able to send/receive files with other clients.

How? -- Slightly more detailed picture

As an overview let's look at a typical day in the life of a client. We start out by connecting to a known server. We provide the server with our ID. Let's say we want to form a connection with our friend, Susan. We ask the server to pass a “friend” request to Susan. If Susan accepts our request, then the server helps us exchange IP addresses and public security keys. We attempt to connect to Susan, but something is in the way. We pass a message to Susan (through the server) asking her to connect to us. Susan connects to us directly and we can exchange messages back and forth directly.

About the security?

At the moment my idea for dealing with security is to have two levels of message encoding. Communication between the server and a client can be encrypted using secure socket layer (SSL). Communication between one client and another client I think should use a unique RSA key which is A) only used for that session and B) exists only in memory. This should prevent keys from being stolen or users being asked to hand over their keys to someone else.

In a third scenario, clients may be forced to communicate through a server (Client->Server->Client). If this happens then the connections between the server and clients should be sent over SSL, and the messages embedded inside the SSL stream will be encoded using RSA. This prevents the server from listening in on the communication, i.e. the server knows who is communicating, but it does not know what is being said.

Technology?

It is my thought to write the server and client software using the cross-platform Qt C++ library. Qt provides secure socket code, threads and graphical user interface classes which should make writing and (most of all) porting the software fairly straightforward. Copies of Qt (including the libraries, graphical development suite and documentation) can be found in the Qt SDK bundle located here: http://qt.nokia.com/downloads

On the hardware side of things, any fairly modern computer with a graphical interface should be able to run a Quorum client. For testing and deployment we will eventually need a server. The hardware requirements for the server will be low (at least at first), but it will have to be available 24/7. Ideally I think the server should be running a stable version of Linux.

Communication protocol?

The specific protocol between clients and server and clients with clients is still a work in progress...
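
The Client->Server->Client scenario from the message above, sketched as an added example; it is not code from the original post or from the Quorum project. It is written in Go so that it runs with the standard library alone, and the envelope layout, the names, the 2048-bit key size, the use of RSA-OAEP and the sender/recipient label are all assumptions of this example, since the post leaves the protocol open.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Envelope is what the relay sees: IDs in the clear, payload as ciphertext.
type Envelope struct {
	From, To string
	Payload  []byte
}

// Session holds an RSA key made for one session and kept only in memory.
type Session struct {
	ID  string
	Key *rsa.PrivateKey
}

func NewSession(id string) (*Session, error) {
	k, err := rsa.GenerateKey(rand.Reader, 2048) // size is this example's choice
	return &Session{ID: id, Key: k}, err
}

// Seal encrypts msg (at most 190 bytes here); the OAEP label binds both IDs.
func (s *Session) Seal(to string, peer *rsa.PublicKey, msg []byte) (Envelope, error) {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, peer, msg, []byte(s.ID+">"+to))
	return Envelope{From: s.ID, To: to, Payload: ct}, err
}

// Open decrypts an envelope; it fails if the key or either ID does not match.
func (s *Session) Open(e Envelope) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, s.Key, e.Payload, []byte(e.From+">"+s.ID))
}

// Relay stands in for the server: it can read the route, not the message.
func Relay(e Envelope) (route string, opaqueBytes int) {
	return e.From + "->" + e.To, len(e.Payload)
}

func main() {
	alice, _ := NewSession("alice") // constructed IDs and message
	susan, _ := NewSession("susan")
	env, _ := alice.Seal("susan", &susan.Key.PublicKey, []byte("meet at noon"))
	route, n := Relay(env)
	pt, err := susan.Open(env)
	fmt.Println(route, n, string(pt), err)
}
```

Because the server hands out the public keys in this design, each client still needs a way to confirm that the key it received belongs to its peer, for instance by comparing key fingerprints over another channel; the example does not cover that step.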