Great video! I have a question: what if some third party will be able to intercept the public keys? I'm talking about the man-in-the-middle (MITM) problem. How to deal with that kind of threat?
Only the public key is sent. To decode it you need the private key. In a full solution the two sides exchange public keys and then use the other sides public key to send, and their own private key to decode the received messages. In a MITM attack the attacker could replace the public keys and then decode each message with their own private key and then reencode the message with original public key but this can be detected by including a copy of the public key, or something derived from it, in an encoded message so that the key the receiver is using is different to this new copy since the attacker had to replace the original. Look into Diffie Hellman key exchange.
use https socks 5 and ssl port 443 add AES encryption with a SHA 256 hash 128b as your keys, To further add security create a firewall which controls incoming and outgoing traffic, make sure you get your logs game tight This should ensure End to End encryption in the manner you are seeking
here is an example of how you can start off: import socket import threading import rsa from Crypto.Cipher import AES from Crypto.Random import get_random_bytes import ssl public_key, private_key = rsa.newkeys(1024) public_partner = None aes_key = get_random_bytes(16) choice = input('Do you want to host (1) or join a chat (2)? ') IP = input('Enter the IP of the server: ') PORT = int(input('Enter the port of the server: ')) context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH) context.load_cert_chain(certfile='path/to/certfile', keyfile='path/to/keyfile') if choice == '1': server = socket.socket(socket.AF_INET, socket.SOCK_STREAM) server.bind((IP, PORT)) server.listen()
can i ask something? if i have the client on one pc and the server on the other, so they are in 2 different files, and to receive messages i need to decrypt them with the private key wich is not shared between client and server and only the server has, how do i receive messages on the client?
There are 4 keys total in this example. The server has a public and private key and so does the client. All the scripts do is connect to each other and exchange public keys before sending and receiving messages. Each instance only has their respective public and private keys until they connect to each other and store the other's public key.
This is great as I can use it to show implementation of Encryption. However, is it only RSA I can use for this? I want to build a secure messaging protocol as school project. Can I use any encryption or it has to be RSA. Also if you have any tips or suggestions for this project, I'd really appreciate. Thanks
Hi neural I have been following your videos and you are really very specific. I have a problem with this chat, client and server only communicate if I'm on the same network. Come faccio comunicare client e serve anche su reti esterne? Ho provato col port forwarding ad aprire la mia porta, inserire ip locale e nel client l ip pubblico, ma non si connette, non riesco a capire il problema...
same here, i think you have to enable some stings in your wifi router in the server side and make sure to use the device which is running the server has its ip address
Great video and content! Just one observation: I don't know if was on purpose or not, but you didn't inspect the first package sent between the 2 chats when you launch with option 1 and 2 (the exchange of the keys). I'm not sure how it works that and didn't try yet this simple implementation, but I believe the 2 keys were exchanged in clear text (correct me if I'm wrong :D ) which means that someone catching the 2 keys exchanged could use it to decrypt the messages. A suggestion as a content video would be how to improve this would be how to exchange keys with Diffie-Hellman method. Keep up the good work!
You can't use public keys to decrypt messages, only to encrypt them. The Diffie-Hellman method doesn't protect against man in the middle attacks. You would need to add another layer of security to verify the users' identities.
![NLE Choppa - Or What ft. 41 (Orchestra Mix) [Official Music Video]](http://i.ytimg.com/vi/biOFASEgSOM/mqdefault.jpg)
This guy kinda looks like Michael Scofield from Prison Break. But the topics and his style of explaining both are really good.
He should show us his back just in case
Best explanation of encryption that I have ever heard! Clear, simple, and concise!
thank you so much man,
I use your code for my college project
about public key cryptography
thesis?
Hlo sir if your project is over then u can share ?
Great video! I have a question: what if some third party will be able to intercept the public keys? I'm talking about the man-in-the-middle (MITM) problem. How to deal with that kind of threat?
Only the public key is sent. To decode it you need the private key. In a full solution the two sides exchange public keys and then use the other sides public key to send, and their own private key to decode the received messages. In a MITM attack the attacker could replace the public keys and then decode each message with their own private key and then reencode the message with original public key but this can be detected by including a copy of the public key, or something derived from it, in an encoded message so that the key the receiver is using is different to this new copy since the attacker had to replace the original.
Look into Diffie Hellman key exchange.
@@steves9250 I just got done with a 3 week course for Sec+ course the Army put me through. You're giving me flashbacks! 😝
@@steves9250 The MITM on needs enough packets to break the encryption.
use https socks 5 and ssl port 443 add AES encryption with a SHA 256 hash 128b as your keys,
To further add security create a firewall which controls incoming and outgoing traffic,
make sure you get your logs game tight
This should ensure End to End encryption in the manner you are seeking
here is an example of how you can start off: import socket
import threading
import rsa
from Crypto.Cipher import AES
from Crypto.Random import get_random_bytes
import ssl
public_key, private_key = rsa.newkeys(1024)
public_partner = None
aes_key = get_random_bytes(16)
choice = input('Do you want to host (1) or join a chat (2)? ')
IP = input('Enter the IP of the server: ')
PORT = int(input('Enter the port of the server: '))
context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
context.load_cert_chain(certfile='path/to/certfile', keyfile='path/to/keyfile')
if choice == '1':
server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
server.bind((IP, PORT))
server.listen()
client, _ = server.accept()
client = context.wrap_socket(client, server_side=True)
client.send(public_key.save_pkcs1('PEM'))
public_partner = rsa.PublicKey.load_pkcs1(client.recv(1024), 'PEM')
encrypted_aes_key = rsa.encrypt(aes_key, public_partner)
client.send(encrypted_aes_key)
elif choice == '2':
client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
client = context.wrap_socket(client)
client.connect((IP,PORT))
public_partner = rsa.PublicKey.load_pkcs1(client.recv(1024), 'PEM')
encrypted_aes_key = client.recv(1024)
aes_key = rsa.decrypt(encrypted_aes_key, private_key)
client.send(public_key.save_pkcs1('PEM'))
else:
exit()
def sending_messages(c):
while True:
message = input('')
cipher = AES.new(aes_key, AES.MODE_EAX)
ciphertext, tag = cipher.encrypt_and_digest(message.encode())
c.send(ciphertext + tag)
print('You: ' + message)
def receiving_messages(c):
while True:
ciphertext = c.recv(1024)
cipher = AES.new(aes_key, AES.MODE_EAX, nonce=ciphertext[:16])
message = cipher.decrypt_and_verify(ciphertext[16:-16], ciphertext[-16:])
print('User:' + message.decode())
threading.Thread(target=sending_messages, args=(client,)).start()
threading.Thread(target=receiving_messages, args=(client,)).start()
Do one with ssl please, having a hard time just validating the certificate
exactly what i was looking, keep the good work.
Great explanation and practical code. Thanks :)
Great tutorial, I wonder can we send a message to someone over the internet just by using Socket and P2P?
Any idea how to get around the (Super Long Message Error) at the end?
I am a bit late but you can increase the number of bits from 1024 to some big numbers to handle large messages
@@abdullahmalik3818 Awesome, I will give it a try. Thanks!
can i ask something? if i have the client on one pc and the server on the other, so they are in 2 different files, and to receive messages i need to decrypt them with the private key wich is not shared between client and server and only the server has, how do i receive messages on the client?
There are 4 keys total in this example. The server has a public and private key and so does the client. All the scripts do is connect to each other and exchange public keys before sending and receiving messages. Each instance only has their respective public and private keys until they connect to each other and store the other's public key.
This is great as I can use it to show implementation of Encryption.
However, is it only RSA I can use for this? I want to build a secure messaging protocol as school project. Can I use any encryption or it has to be RSA. Also if you have any tips or suggestions for this project, I'd really appreciate. Thanks
RSA is widely used and its considered more safe as compared to others
very good explanation, thanks
Why the sending message function dose'nt work plzz what can i do ?
Hi neural I have been following your videos and you are really very specific. I have a problem with this chat, client and server only communicate if I'm on the same network.
Come faccio comunicare client e serve anche su reti esterne?
Ho provato col port forwarding ad aprire la mia porta, inserire ip locale e nel client l ip pubblico, ma non si connette, non riesco a capire il problema...
same here, i think you have to enable some stings in your wifi router in the server side and make sure to use the device which is running the server has its ip address
Great tutorial! Congrats
the matlab joke made me crack lmao
love it! great explanation man
Stay Blessed Man. Tnx Alot
Great video and content!
Just one observation: I don't know if was on purpose or not, but you didn't inspect the first package sent between the 2 chats when you launch with option 1 and 2 (the exchange of the keys).
I'm not sure how it works that and didn't try yet this simple implementation, but I believe the 2 keys were exchanged in clear text (correct me if I'm wrong :D ) which means that someone catching the 2 keys exchanged could use it to decrypt the messages.
A suggestion as a content video would be how to improve this would be how to exchange keys with Diffie-Hellman method.
Keep up the good work!
You can't use public keys to decrypt messages, only to encrypt them. The Diffie-Hellman method doesn't protect against man in the middle attacks. You would need to add another layer of security to verify the users' identities.
HTML for iPhone possible 14:39
Thank you for all the valuable content!
its really interesting you allready show how to send message but still good video...can you do a video where you create a mini rythm game?
Very cool! Thanks.
How connect with other rede?
how can i do MITM in this?
where can i get source code
thank u so much u are the best
Thanks)))
thankyou sir
REQUEST!!!!: Can u pleaseeeeeeeeeeeeeeeeeee give me the code
awesome video
Everything you claim is true, the chat is encrypted. It's a shame it's not also secure. :(
source code????
It’s like three lines of code. Just type it
Were is the source code ?
Cool !
wheres the github for this please i wana test it out?