Zappl Private Chat Encryption Documentation

in #zappl, 7 years ago

The two algorithms that we use for encryption, SHA-256 and AES, are often used in tandem
in practice.

  • I) SHA-2 (Secure Hash Algorithm 2) is a set of cryptographic hash functions designed
    by the United States National Security Agency (NSA). It is a hash algorithm, i.e. a
    one-way function, so there is no way to decrypt its output. This will be used to
    generate keys. The SHA-2 family consists of six hash functions with hash values that
    are 224, 256, 384 or 512 bits.

SHA-2 is typically a building block for other cryptographic constructs. It satisfies
the requirements of a cryptographic hash: it is a one-way function that is deterministic,
fast to compute, resistant to pre-image and second-preimage attacks, and collision
resistant.

NOTE: We are going to use SHA-256.

  • II) AES (Advanced Encryption Standard) is a symmetric cipher, i.e. it uses the same
    key for both encryption and decryption.
    In present-day cryptography, AES is widely adopted and supported in software. To
    date, no practical cryptanalytic attacks against AES have been discovered.
    Additionally, AES has built-in flexibility of key length, which allows a degree of
    ‘future-proofing’ against progress in the ability to perform exhaustive key searches.

Operation of AES

  • I) AES is an iterative method. It is based on a ‘substitution–permutation network’. It
    comprises a series of linked operations, some of which involve replacing inputs by
    specific outputs (substitutions) and others involve shuffling bits around
    (permutations).

  • II) Interestingly, AES performs all its computations on bytes rather than bits. Hence,
    AES treats the 128 bits of a plaintext block as 16 bytes. These 16 bytes are arranged
    in four columns and four rows for processing as a matrix.

  • III) The number of rounds in AES is variable and depends on the length of the key. AES
    uses 10 rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds for 256-bit
    keys. Each of these rounds uses a different 128-bit round key, which is calculated
    from the original AES key.

  • IV) The schematic of the AES structure is given in the following illustration:
    [Image: schematic of the AES structure]


Encryption Process

[Image: AES encryption process]

Decryption process

The process of decrypting an AES ciphertext is similar to the encryption process, in the reverse order. Each round consists of the four processes conducted in the reverse order:

  • Add round key
  • Mix columns
  • Shift rows
  • Byte substitution

Since the sub-processes in each round run in reverse, the encryption and decryption algorithms need to be implemented separately, although they are very closely related.

++ Overall Flow ++

End-to-end secret chat follows this flow:

[Image: overall flow of the end-to-end secret chat]

Sending a Request

  • Generate SHA Key and send a chat initiate request
  • The user must be shown basic information about User A and must be prompted to accept or reject the request.

Accepting a request

  • After User B confirms the creation of a secret chat with A in the client interface

Send-Receive Message in secured chat

  • Every message that is sent across is secured using the SHA Key
  • Using the same key it is decrypted at the receiving end
  • Data will be saved in encrypted form in the DB so that it is not human-readable
  • The SHA key would be refreshed after a few messages to add an additional layer of security
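
The send-receive flow above, as an added example (not Zappl's code): a key is generated with SHA-256, each message is encrypted with AES and stored as ciphertext, and the key is refreshed after a few messages. Assumptions not in the post: both users already hold the same 32 random secret bytes, AES runs in GCM mode, the key is SHA-256(secret || epoch), and the refresh interval is 3; `epochKey`, `seqAad`, `seal`, `unseal` and `demo` are hypothetical names.

```javascript
const crypto = require('crypto');

const REKEY_EVERY = 3; // assumed value; the post only says "after a few messages"

// Epoch key = SHA-256(sharedSecret || epoch). Assumes sharedSecret is 32 random
// bytes (not a password) that both users already hold.
function epochKey(sharedSecret, epoch) {
  const e = Buffer.alloc(4);
  e.writeUInt32BE(epoch);
  return crypto.createHash('sha256').update(sharedSecret).update(e).digest();
}

// The sequence number is authenticated (not encrypted) so records cannot be swapped.
function seqAad(seq) {
  const a = Buffer.alloc(4);
  a.writeUInt32BE(seq);
  return a;
}

// Encrypt message number `seq`; the returned record is what would be saved in the DB.
function seal(sharedSecret, seq, plaintext) {
  const key = epochKey(sharedSecret, Math.floor(seq / REKEY_EVERY));
  const iv = crypto.randomBytes(12); // fresh nonce for every message
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(seqAad(seq));
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { seq, iv: iv.toString('hex'), ct: ct.toString('hex'), tag: cipher.getAuthTag().toString('hex') };
}

// Decrypt a stored record; throws if the ciphertext, tag or seq was modified.
function unseal(sharedSecret, rec) {
  const key = epochKey(sharedSecret, Math.floor(rec.seq / REKEY_EVERY));
  const d = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(rec.iv, 'hex'));
  d.setAAD(seqAad(rec.seq));
  d.setAuthTag(Buffer.from(rec.tag, 'hex'));
  return Buffer.concat([d.update(Buffer.from(rec.ct, 'hex')), d.final()]).toString('utf8');
}

// Constructed demo: seq 0-2 use the epoch 0 key, seq 3 uses the refreshed epoch 1 key.
function demo() {
  const secret = crypto.randomBytes(32);
  const stored = ['hi', 'secret chat', 'still epoch 0', 'new key'].map((m, i) => seal(secret, i, m));
  const roundTrip = stored.map((r) => unseal(secret, r));
  let tamperDetected = false;
  try { unseal(secret, { ...stored[0], seq: 1 }); } catch (_) { tamperDetected = true; }
  return { stored, roundTrip, tamperDetected };
}
```
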

slothicorn magic.....good job guys, gonna zappl soooo hard

woot

Sounds good. AES, the Belgium algorithm has indeed been proven to be fast, efficient and reasonably secure. That's symmetric encryption however so make sure that communication to establish the keys will always happen via an asymmetric algorithm like SHA.

-edit, after reading the article again, I can delete my comment, I didn't add anything that wasn't already better explained by you, sorry!

No problem

@zappl,
Can we mine this coin?
Thanks for sharing such useful information.

Cheers~

Zappl isn't a coin, zappl is a site and service like steemit that runs on the steem blockchain.

@zappl,
I didn't get you, can you please tell me, is this a social media type web site or if you say it's like steemit, then we all know there is steem crypto currency as well.
Looking for your kind response!

Cheers~

Like steemit, zappl is an application that runs on the steem blockchain so you earn steem. Steemit isn't the name of the technology, steem is the technology behind steemit, busy, zappl and so on.

@zappl,
Got it now! Thank you very much friend! I am still new to this platform

Cheers~

interesting. Lots of good information

That it is.

But it is complex

Great post, thanks for sharing!

No problem and thanks.

I have got info about SHA thanx for sharing

No problem

Thank you very much for the valuable information you shared.

Great post

Thank you for this beautiful description. We nerds like this :)
