Client Server chat (messenger) with encryption.

Secure client-server chat application using raw socket encryption without SSL/TLS certificates over TCP/IP sockets using C.

• Communication encryption Used :
  • RSA (2048-bit) for secure key exchange
  • AES-128 for fast, efficient message encryption
  • Proper IV management for cryptographic security
• Components
  • multithreads in both client and servers: one for receiving and the other for sending.
  • a portable crypto library (used for raw text encryption/decryption).

Without encryption

With encryption

How it works ?

sequenceDiagram
    participant Client
    participant Server

    Note over Server: Generate RSA key pair (private & public)
    Note over Client: Generate symmetric AES key

    Client->>Server: Connect to server
    Server->>Client: Send public key

    Note over Client: Encrypt symmetric key<br/>using server's public key
    Client->>Server: Send encrypted symmetric key

    Note over Server: Decrypt symmetric key<br/>using server's private key
    Note right of Server: Now both client and server<br/>have the same symmetric key

    Note over Client,Server: For each message:
    Note over Client: Generate random IV
    Note over Client: Encrypt message with<br/>IV + symmetric key
    Client->>Server: Send IV + encrypted message
    Note over Server: Decrypt message with<br/>IV + symmetric key

    Note over Server: Generate random IV
    Note over Server: Encrypt message with<br/>IV + symmetric key
    Server->>Client: Send IV + encrypted message
    Note over Client: Decrypt message with<br/>IV + symmetric key

Loading

how to run it

for server :

gcc server.c  -lcrypto -o server && ./server 

for client

gcc client.c -lcrypto -o client && ./client

What's next ?

• Adding Multi-users (clients) , instead of only one client. (group of chat).
• Optimize it : using stack instead of global variables.
• Also im thinking about integrating some asm code.