Secure Instant Point-to-Point (P2P) Messaging using Node.js and Socket.IO
- git clone https://github.com/chanyoonzhu/secure-chat.git
- cd secure-chat
- npm install
- mongod
- mongo < models/db.js
- npm run start
- open http://localhost:3000 in your browser
- username and password:

| username | password |
|---|---|
| Alice | Security1sF*n |
| Bob | Security1sF*n |

- crypto https://nodejs.org/api/crypto.html
- log in using passphrase (done)
- generate key using passphrase
- padding strategy
- message encryption with 56-bit key
- display both cipher and plaintext
- bonus: periodically update the key (done)
- image messaging serve image
- file messaging serve file
- Salt Hash passwords using NodeJS crypto
- Node.js Authentication with Passport
- Local Authentication with Passport and Mongo
- Local Authentication Using Passport in Node.js
- Client side encryption with Crypto-js - cdn
- CryptoJS example
- Reading files in JavaScript using the File APIs
- flaticon
- periodically update the key: after startup, the server periodically creates a random number and immediately sends it to all connected clients. When the random number arrives, each client updates the copy stored in its local storage. In this way, all connected clients store the same number at any given time (theoretically). Whenever a client sends a message, it encrypts the message with a key generated from the passphrase and this random number combined, and the client on the other side decrypts it using the same key.
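
The key-update scheme above, as an added example that is not this project's code: it uses Node's built-in `crypto` with scrypt and AES-256-GCM instead of the project's CryptoJS and 56-bit key, and goes one step further by tagging each message with the number it was encrypted under, so a receiver that has not yet seen the latest number fails cleanly. The function names, the envelope fields and the sample values are assumptions.

```javascript
// Added example, not the project's code. Names below are hypothetical.
const nodeCrypto = require('node:crypto');

// Key = KDF(passphrase, server-broadcast number). The number is public (the
// server sends it to every client), so secrecy rests on the passphrase alone.
function deriveKey(passphrase, serverNumber) {
  return nodeCrypto.scryptSync(passphrase, String(serverNumber), 32);
}

// The envelope names the number used, so a receiver can pick the right key.
function encryptMessage(passphrase, serverNumber, plaintext) {
  const iv = nodeCrypto.randomBytes(12);
  const key = deriveKey(passphrase, serverNumber);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(Buffer.from(String(serverNumber))); // bind number to ciphertext
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return {
    epoch: serverNumber,
    iv: iv.toString('base64'),
    ct: ct.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'),
  };
}

// knownNumbers: the numbers this client accepts (e.g. current and previous).
function decryptMessage(passphrase, knownNumbers, msg) {
  if (!knownNumbers.includes(msg.epoch)) return { ok: false, reason: 'unknown-epoch' };
  try {
    const key = deriveKey(passphrase, msg.epoch);
    const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, Buffer.from(msg.iv, 'base64'));
    d.setAAD(Buffer.from(String(msg.epoch)));
    d.setAuthTag(Buffer.from(msg.tag, 'base64'));
    const pt = Buffer.concat([d.update(Buffer.from(msg.ct, 'base64')), d.final()]);
    return { ok: true, plaintext: pt.toString('utf8') };
  } catch (err) {
    return { ok: false, reason: 'auth-failed' }; // wrong key or altered message
  }
}

// Constructed sample values: sender already holds 1002, receiver still holds 1001.
const sample = encryptMessage('constructed passphrase', 1002, 'hi Bob');
console.log(decryptMessage('constructed passphrase', [1001], sample));       // stale receiver
console.log(decryptMessage('constructed passphrase', [1002, 1001], sample)); // window of two
```

Because the broadcast number is known to the server and to anyone who can observe the socket, rotating it changes the key but adds no secrecy beyond the passphrase.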