triestpa/Open-Cryptochat triestpa/Open-Cryptochat

  • Stars
    star
    191
  • Rank 202,877 (Top 4 %)
  • Language
    JavaScript
  • License
    MIT License
  • Created over 7 years ago
  • Updated about 3 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
triestpa/Open-Cryptochat
github

triestpa

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

An end-to-end, RSA-2048 encrypted anonymous chat application.

An Introduction To Utilizing Public-Key Cryptography In Javascript

Open Cryptochat - A Tutorial

Cryptography is important. Without encryption, the internet as we know it would not be possible - data sent online would be as vulnerable to interception as a message shouted across a crowded room. Cryptography is also a major topic in current events, increasingly playing a central role in law enforcement investigations and government legislation.

Encryption is an invaluable tool for journalists, activists, nation-states, businesses, and everyday people who need to protect their data from the ever-present threat of hackers, spies, and advertising agencies.

An understanding of how to utilize strong encryption is essential for modern software development. We will not be delving much into the underlying math and theory of cryptography for this tutorial; instead, the focus will be on how to harness these techniques for your own applications.

Screenshot 5

In this tutorial, we will walk through the basic concepts and implementation of an end-to-end 2048-bit RSA encrypted messenger. We'll be utilizing Vue.js for coordinating the frontend functionality along with a Node.js backend using Socket.io for sending messages between users.

The concepts that we are covering in this tutorial are implemented in Javascript and are mostly intended to be platform-agnostic. We will be building a traditional browser-based web app, but you can adapt this code to work within a pre-built desktop (using Electron) or mobile ( React Native, Ionic, Cordova) application binary if you are concerned about browser-based application security.[^1] Likewise, implementing similar functionality in another programming language should be relatively straightforward since most languages have reputable open-source encryption libraries available; the base syntax will change but the core concepts remain universal.

Disclaimer - This is meant to be a primer in end-to-end encryption implementation, not a definitive guide to building the Fort Knox of browser chat applications. I've worked to provide useful information on adding cryptography to your Javascript applications, but I cannot 100% guarantee the security of the resulting app. There's a lot that can go wrong at all stages of the process, especially at the stages not covered by this tutorial such as setting up web hosting and securing the server(s). If you are a security expert, and you find vulnerabilities in the tutorial code, please feel free to reach out to me by email ([email protected]) or in the comments section below.

To read more, visit - https://github.com/triestpa/Open-Cryptochat

This app is 100% open-source, feel free to utilize the code however you would like.

The MIT License (MIT)

Copyright (c) 2018 Patrick Triest

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

More Repositories

1

Guttenberg-Search

Open-source web app using Elasticsearch and Docker to search through the contents of 100 classic novels.
JavaScript
426
star
2

Cryptocurrency-Analysis-Python

Open-Source Tutorial For Analyzing and Visualizing Cryptocurrency Data
Jupyter Notebook
361
star
3

Atlas-Of-Thrones

An interactive "Game of Thrones" map powered by Leaflet, PostGIS, and Redis.
JavaScript
281
star
4

You-Should-Learn-Regex

Regular Expresion Tutorial (blog.patricktriest.com) Source Code
JavaScript
68
star
5

OpenJS-Sandbox

Offline-first Javascript interpreter web app.
JavaScript
56
star
6

Police-Analysis-Python

Open Source Tutorial For Analyzing & Visualizing 60 Million Police Stops Using Python
Jupyter Notebook
44
star
7

koa-joi-validate

Tiny module to generate request validation middleware for Koa using Joi.
JavaScript
27
star
8

Vue-Chess

Pure VueJS frontend for multiplayer chess project.
JavaScript
9
star
9

stockfish-microservice

Tiny Node API to interface with Stockfish chess AI.
JavaScript
8
star
10

Tiny-OTP

Browser-based, Google Authenticator compatible, time-based one-time-password (TOTP) library. 4kb minified and gzipped.
JavaScript
7
star
11

Open-OTP

An offline-first OTP generator webapp, directly compatible with Google Authenticator.
Vue
6
star
12

docker-dev-env

Portable interactive dev environment containerized with Docker.
Vim Script
4
star
13

llm-modal-example

Example of serving LLMs using Modal
Python
4
star
14

Blockchain-JS

A cryptographically secure blockchain protocol implemented in Javascript.
JavaScript
4
star
15

Open-OTP-Server

A fast, secure, open-source NodeJS server for validating OTPs.
JavaScript
4
star
16

Media-Moderator

A news aggregator that uses the Alchemy API to analyze and compare the bias of news stories.
Java
3
star
17

Term-Generator-API

A pseudo-random human-readable term generator to assist in password, username, keyword, and sentence generation.
JavaScript
3
star
18

PhotoShare

Parse-integrated Camera App
Java
2
star
19

django_angular

A sample Django app using Django-REST-Framework and Angular.js. Boilerplate code forked from brwr/thinkster-django-angular-boilerplate
JavaScript
2
star
20

Cerebro-Microservice

Image classification microservice using Tensorflow, Keras, and Flask.
HTML
1
star
21

CloudCamera

Cloud-backed Camera App
Java
1
star
22

simpleCamera

A very simple camera app for android
Java
1
star
23

Tiny-PRNG

Tiny (1kb), mathematically correct, Lehmer / Park-Miller Pseudorandom Number Generator
JavaScript
1
star
24

triestpa.github.io

HTML
1
star
25

DataVis-WorldBank

Goal: Find a creative and engaging way to visualize publicly available World Bank data.
JavaScript
1
star
26

WifiDirect-Messaging

Communicate between phones locally over Wifi-Direct
Java
1
star
27

GetHome-iOS

An iOS app to automatically detect your location and guide you home with minimal complexity for the user.
Swift
1
star
28

Friendly-Earth

A website to help people visualize their online social networks in order to find a friend to stay with while traveling.
JavaScript
1
star
29

BlueSky

Simple iOS app to display the weather.
Swift
1
star