Embed Size (px)
Citation preview
G R O U P M E M E B E R S
Robbie Bridgewater
Dawit Woldegiorgis
Ryan Zavoral
SUMMARY• What is Authentichat?
– Secure messaging client for iPhone
• How is it special?
– Physical proximity for establishing connection
– Private keys for verification
• Why use it?
– Difficult to impersonate another user
– Encryption reduces network sniffing risks
– Authentic chat experience!
SECURITY MODEL• Identity:
– Phone Number - Primary
– Device ID – Secondary
• Communication:
– Authentication by user (one-time)
– Private key sharing for establishing secure channel
– Message encryption
– Evaluate integrity via encrypted checksum
SECURITY MODEL - IDENTITY• Establishing Identity
– Confirm via text
– Reset mechanism
1. ID
2. Confirmation Msg.
3. Confirm
Client Server
SECURITY MODEL - COMMUNICATIONEstablishing Identity
1. Request
2. Confirm
3. KEY
5. Add a connection
AirdropInternet
1. Encrypt via Key
3. Verify
4. Find connection
5. Forward
7. Decrypt via Key
Sending Message
Server
A B
Server
A B
IMPLEMENTATION• Application source code
– Swift: backend/frontend
– Objective C: Wrapper for C++ code (security/low level)
• Messaging API – Sinch– Parse web server
• Task division– Ryan: Implement security algorithm
– Robbie: Backend development
– Dawit: Frontend development & Security penetration testing
REFERENCESC++ Documentation : http://www.cplusplus.com/
Objective-C Tutorial and Documentation: http://www.tutorialspoint.com/ios/ios_objective_c.htm
Swift Documentation: https://developer.apple.com/swift/
Airdrop Usage with IOS Applicationshttps://developer.apple.com/library/ios/samplecode/sc2273/Introduction/Intro.html
Symmetric Key Encryption Linkshttps://en.wikipedia.org/wiki/Symmetric-key_algorithm
Parse Web Serverhttps://parse.com/
Sinchhttps://www.sinch.com
