Secure and insecure chat implementation

Abstract

Internet is not a single network, but a worldwide collection of loosely connected networks that are accessible by using computers, smartphones or tablets, in a variety of ways, to anyone with a computer and a network connection. Thus, individuals and organizations can reach any point on the internet without regard to national or geographic boundaries or time of day. However, along with the convenience and easy access to information come risks. Among them are the risks that valuable information will be lost, stolen, changed, or misused. If information is recorded electronically and is available on networked computers, it is more vulnerable than if the same information is printed on paper and locked in a file cabinet. Intruders do not need to enter an office or home, they may not even be in the same country. They can steal or tamper with information without touching a piece of paper or a photocopier. They can also create new electronic files, run their own programs, and hide evidence of their unauthorized activity. As it can be seen, securities issues are of a high relevance because Internet is a network of networks in which the information sent can travel over a secure or insecure network. Nowadays, messaging or chat applications are used every day by millions of users to exchange text messages, pictures, videos, contacts, documents and so on. It is translated to a huge amount of data travelling by the network in a transparent way for the users involved. For all this reasons, applying security to the information sent is really important to guarantee data protection. In our case, it has been desired to implement a chat application in which a Server and a Client can exchange, for instance, messages, pictures, documents, songs, and videos. In this application, both entities should have the possibility of sending the information over a secure or insecure channel. If the secure way is chosen some cryptographic protocols, such as symmetric and asymmetric cryptography methods, will be applied to guarantee the most important security aspects: confidentiality, security, reliability and no repudiation. In the insecure way, any cryptographic method is applied and the information will be sent in clear. To be able to exchange messages and several types of documents, it is desired to implement an interface using JAVA language in which an option has to offer to the user the possibility of switching between the secure and insecure channel. Moreover, this interface should have a box in which to store the information sent and received and a copy of this information should be stored in a backup file for further treatment. After that, it is desired to compare the packets sent and received over the local loop using Wireshark tool to verify how the information is sent when using the secure and insecure way.