mobile-sec-notifier
- Two chat participants [A]lice and [B]ob.
- Send encrypted messages indirectly via the server between A and B.
- A and B in distinct networks.
Usage
The default mode of operation requires:
- A server
- One Python client in receiver mode
- One Android client in sender mode
- Start server with: python server.py
- Start client
  - Python: python client.py MODE, where MODE is 0 (receiver) or 1 (sender)
  - Android:
    - Set notification permissions if necessary.
    - Enter IP address and port of server.
    - Click "Open communication"
- Enter generated id_code in other client.
- Wait on connection.
- Done (Click "Broadcast Test Notification")
Notes on usage:
- Requires two clients, with one in sender mode and the other in receiver mode.
- The Android client is also capable of receiving. Simply use the switch in the interface.
- The Android client can be started easily with Android Studio.
- Otherwise, there is a built APK available in the folder releases/
Implemented:
- Protocol
- Server (python)
- Python-Client
- Android-Client
Prototype 1:
- Python-Server & Python-Test-Client
  - Exchange messages server<->client using protobuf
- Android-Client
  - Grab notifications
  - Communicate with grpc service
- Create protocol
Prototype 2:
- Python-Test-Client:
  - Register to server / authenticate at the server
  - Establish ephemeral key with target client
    - Client-to-client key exchange using RSA
    - Client-to-client encryption using AES
  - Exchange messages using AES with ephemeral key
- Android-Client
  - Client message encryption using AES
  - Key exchange implementation / server authentication
Prototype 3:
- grpc secure connection
- Harden against attacks (for reference: https://core.telegram.org/techfaq#protection-against-known-attacks)
TODO:
- grpc secure connection, need certificate
- BAD: Freshness is only 4 bytes
- BAD: comm_id's are predictable and public
- BAD: sequence numbers start at 0 and don't reset on connect/disconnect
- Don't die every time something is wrong, just ignore the request
- Search for "TODO" in the project sources
- BAD: AES IV is public
  - Fix: Derive AES key and IV from the payload and session key
    - msg_key = hash(payload + lower_part_of_eph_key) -> public msg_key
    - aes_key, iv = KDF(msg_key + upper_part_of_eph_key)
  - Similar to how Telegram does it (See: https://core.telegram.org/techfaq#protection-against-known-attacks)
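The derivation sketched in the fix above, as an added example that is not part of the project's code. It assumes SHA-256 as the hash, HKDF-SHA256 as the KDF, a 32-byte ephemeral key whose first and second halves are the lower and upper parts, a 16-byte msg_key and a 12-byte IV; all function names and the info label are hypothetical.

```python
import hashlib
import hmac

HALF = 16  # assumption: 32-byte ephemeral key split into two 16-byte halves

def hkdf_sha256(ikm, info, length):
    """HKDF (RFC 5869) with SHA-256 and the default all-zero salt."""
    prk = hmac.new(b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def _split(eph_key):
    if len(eph_key) != 2 * HALF:
        raise ValueError("ephemeral key must be 32 bytes")
    return eph_key[:HALF], eph_key[HALF:]

def compute_msg_key(payload, eph_key):
    """msg_key = hash(payload + lower_part_of_eph_key); travels in the clear."""
    lower, _ = _split(eph_key)
    return hashlib.sha256(payload + lower).digest()[:16]  # assumption: 128-bit msg_key

def derive_key_iv(msg_key, eph_key):
    """aes_key, iv = KDF(msg_key + upper_part_of_eph_key)."""
    _, upper = _split(eph_key)
    okm = hkdf_sha256(msg_key + upper, b"aes-key-iv", 32 + 12)  # hypothetical info label
    return okm[:32], okm[32:]  # AES-256 key, 12-byte IV (assumed sizes)

def verify_msg_key(received_msg_key, decrypted_payload, eph_key):
    """Receiver: recompute msg_key over the decrypted payload, compare in constant time."""
    expected = compute_msg_key(decrypted_payload, eph_key)
    return hmac.compare_digest(expected, received_msg_key)

if __name__ == "__main__":
    eph_key = bytes(range(32))              # constructed sample key, not a real secret
    payload = b"seq=7|notification: hello"  # constructed sample payload
    msg_key = compute_msg_key(payload, eph_key)
    aes_key, iv = derive_key_iv(msg_key, eph_key)
    other_iv = derive_key_iv(compute_msg_key(b"other", eph_key), eph_key)[1]
    print("msg_key (public):", msg_key.hex())
    print("iv changes per payload:", iv != other_iv)
    print("tampered payload accepted:", verify_msg_key(msg_key, payload + b"!", eph_key))
```

The derivation is deterministic, so two identical payloads under the same ephemeral key yield the same msg_key, key and IV. Including the sequence number or random padding in the payload keeps each message's derivation distinct.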
Notes
- No real use for the AD in AES AEAD
- Add a pint of salt
- Verify protocol transcript