A simple script to trade messages with users, using basic hash generation and message file encryption.
This script will require the Python language, which version should be equal or bigger than 3.8.5, with the following libraries:
- sys: Read files from the Standard Input;
- hashlib: Generate the Hash values, using the SHA-256;
- random: Generate random numbers;
- time: Getting the time to generate the hash values;
- os: Verify and/or create files and directories;
- subprocess: Obtain outputs from the OpenSSL commands;
- getpass: Writing the password with the hidden icons;
The Operative System required to use this should be with the Linux Kernel. In this case, it was used the Linux Mint Cinnamon 20.2;
To encrypt and decrypt the messages, it will need the OpenSSL toolkit, using the AES-128 cypher;
This script has the following functionalities:
- Register with an username and password;
- Login with the username and password registered;
- Send encrypted messages to a certain user that is already registered;
- Reads and decrypt messages from registered users;
- Help menus with the descriptions and steps to send and receive messages;
An user can register easily by selecting to Register in the main menu, with an username and a password that has at least 8 characters. Then will generate a salt value, which consists in a 32 character, that will concatenate with the password created, which will create a certain hash value. Finally, will store the username and the salt created in a file named registo.txt, that will contain all the usernames created.
An user can login by inserting the username and password that he used for registration. After writing the username and password, it will have the following answers:
- If the user isn't registered, it will ask to insert another name;
- If the user is already logged in another terminal, it will give an error and asks to insert another name.
- If the password does not correspond to the one associated with the username, it will ask to insert another password.
- If the user and password are correct, it will redirect to the Login Menu.
After the login, the user can select to send a message to another user. It will show up a menu with the users registered, and he only needs to insert the receiver's username. If it exists, it will ask the following inputs:
- A question which will be sent to the receiver;
- An answer related to the question added before;
After the two points above, it will generate an hash value, which consists of the question's answer concatenated with a random 128bit number. After creating the hash value, it will concat again with the random number, for nearly 15 seconds. Finally, will generate the encrypted file using the AES-128 cypher, generating an encrypted file which will be added to the receiver's subdirectory.
After the login, the user can select to decrypt and read a message sent by another user. It will show up a menu with the messages that have been sent to the receiver, which every message has the following information:
- Number of the row in the menu;
- Number of hashes iterations that was generated;
- The question that the sender wrote;
- The name of the file, which contains the sender's name;
- The random number that was generated by the sender;
The user will select the number associated with the row in the menu, and will insert the answer to the question. If the answer is correct, it will generate the hash values with the number of iteractions and the random number that was generated. Then, it will try to decrypt the encrypted file, and in the case of success, it will print the message that was received.
The menus are a simple text file with the information and steps of how to do the functionalities mentioned above.
This work was made for the Course Unit Computer Security (or in portuguese, Segurança Informática) @Universidade da Beira Interior.
All the work was graded by Professor Pedro Inácio.