1 / 14

Sysecure: A Pidgin plug-in for symmetric encryption

Jason Cody Hamilton Turner. Sysecure: A Pidgin plug-in for symmetric encryption. Outline. Introduction System Design General API Security Features SySecure 1.0 Challenges Conclusions. Introduction.

dexter
Download Presentation

Sysecure: A Pidgin plug-in for symmetric encryption

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Jason Cody Hamilton Turner Sysecure:A Pidgin plug-in forsymmetricencryption

  2. Outline • Introduction • System Design • General • API • Security Features • SySecure 1.0 • Challenges • Conclusions

  3. Introduction • Implement a symmetric key encryption plugin for use with Pidgin, a universal chat client. • Phase I: Enable symmetric encryption • Phase II: Enable symmetric encryption for sessions and distribute session keys using public key encryption • SySecure 1.0 : Currently does both* • *SySecure 1.1: full security features

  4. Unencrypted Msg Encrypted Msg

  5. System Design: General Pidgin Signals GTK_UI SySecure Rcv Msg User Interface Send Msg Encrypt Msg_Handler Decrypt Public_Key Session_Key Manages pub keys Generation Encryption Decryption

  6. System Components: API • libpurple • Core IM library • Pidgin • Pidgin interface • GTK+ • User interface • Mozilla NSS • Network Security Suite

  7. System Design: Security Sender ID --Acquired from conversation window --Session Key: 128bit key --MSG is plaintext --Digital Signature is a hash of the message encrypted with the sender’s public key E(PK, Session Key) MSG E(PR, H(MSG)) Public Key --RSA Public Key, created on initialization of first conversation and stored. *Note: This is a connectionless, application protocol similar in function to PGP (except there is no data compression—yet)

  8. System Design: Security Sender ID E(PK, Session Key) MSG --MSG and Hash are encrypted using AES in CBC mode then converted to ASCII code for transmission E(PR, H(MSG)) Public Key *Note: This is a connectionless, application protocol similar in function to PGP (except there is no data compression—yet)

  9. System Design: Security Sender ID On receipt, the receiver gets the sender’s ID from the Pidgin The receiver decrypts the session key using their private key Session Key E(PK, Session Key) MSG MSG Use the session key to decrypt the MSG and retrieve the encrypted hash E(PR, H(MSG)) E(PR, H(MSG)) Public Key *Note: This is a connectionless, application protocol similar in function to PGP (except there is no data compression—yet)

  10. System Design: Security Sender ID Session Key Take a hash and compare it to the received hash. If equal, accept message MSG Use the sender public key to decrypt the hash H(MSG) E(PR, H(MSG)) Use the Sender ID to retrieve the public key of the sender Public Key *Note: This is a connectionless, application protocol similar in function to PGP (except there is no data compression—yet)

  11. Plugins for Pidgin • Once compiled Plugins are just dlls • “Install” Sysecure by dropping the dll in the plugin directory • It will then appear in the plugin selection window

  12. Challenges • Requires direct interface with: • Pidgin • Libpurple • GTK+ • Mozilla NSS • Debugging and IM – Lockout • (i.e. Yahoo! will lock you out if you log in/out to frequently) • Memory leak detection • Debugging plugin code • Only way to debug is to run it

  13. Way Ahead… • Hashing and Public Key File I/O still in development • Update user interface to easily distinguish between encryption/decryption mode • Extend support to file transfer

  14. Questions? Download Pidgin at: http://www.pidgin.im

More Related