See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/351364882

End to End Encrypted Simple Chatting Application for Corporate to Customer

Support.

Thesis · March 2021

DOI: 10.13140/RG.2.2.31161.29283

CITATION READS

1 4,630

2 authors:

Debagnik Kar Sambit Prasad Kar

IBM KIIT University
9 PUBLICATIONS 3 CITATIONS 15 PUBLICATIONS 130 CITATIONS

SEE PROFILE SEE PROFILE

All content following this page was uploaded by Debagnik Kar on 06 May 2021.

The user has requested enhancement of the downloaded file.

 A minor project report on
End to End Encrypted Simple Chatting Application for
Corporate to Customer Support.

Submitted in partial fulfilment of the requirements for the degree of

B.Tech
In
Electronic and Telecommunication Engineering
By
DEBAGNIK KAR
1804373
Under the guidance of
Prof Sambit Prasad Kar

School of Electronics Engineering

KALINGA INSTITUTE OF INDUSTRIAL TECHNOLOGY
(Deemed to be University)
BHUBANESWAR
APRIL 2021
 CERTIFICATE
This is to certify that the project report entitled “End to End RSA-Encrypted Simple
Chatting Application for Corporate to Customer Support” submitted by:

Debagnik Kar of Roll no. 1804373. In partial fulfilment of the requirement for the award of
the Degree of Bachelor of technology in Electronics and Telecommunication Engineering
is an original record of the work carried out under my guidance and supervision at School of
Electronics Engineering, KIIT (Deemed to be University).

Signature of Supervisor
Prof S.P Kar
School of Electronics Engineering
KIIT Deemed to be University

The project was evaluated by us on:

Examiner 1 Examiner 2

Examiner 3 Examiner 4

1
 ACKNOWLEDGMENTS
I feel immense pleasure and privileged in expressing our deepest and most sincere gratitude to
my supervisor Professor Sambit Prasad Kar, for his tremendous guidance throughout my
project work. His kindness, dedication, patience, hard work and attention to details have been
a great inspiration to us. Our heartfelt thanks to you Sir, for the unlimited support you have
showed me. I would particularly like to thank him for all his help in patiently and carefully
correcting all our documentation. I would like to acknowledge my friend Hrittik Bania for
helping me understand the complex algorithms of cryptography. I would also acknowledge the
help received from Google Cloud Platform, Google Qwiklabs and Cryptool2 for providing me
learning, server deployment, and simulating resources for this project.

I am also very thankful to Prof Jyoti Ranjan Panda, Prof Sandeep Kumar Dash, Prof
Budipi Nageswar Rao, B.Tech Project Co-ordinators (E&TC), Associate Dean Prof Dr
Amlan Dutta and Prof Dr Suprava Pattaniak, Dean (School of Electronics Engineering) for
their support and suggestions during our course of my project work in the pre-final year of our
undergraduate course.

STUDENT SIGNATURE:

DEBAGNIK KAR
ROLL NO: 1804373

DATE:- 15/04/2021
2
3
 ABSTRACT
Privacy has become a major concern for the end user of free services provided by technology

giants like Facebook and Google, the scandals like Cambridge Analytica or data leaks by

Google + has taught us about the dangerous impacts of data falling into the wrong hands. Here

I designed an end-to-end encrypted chatting application to address this issue. The user of my

chatting application named “secure.ly” can stay anonymous throughout the chatting session. I

have been inspired by several chatting/social media applications such as 4chan, reddit, discord,

Google Allo and WhatsApp to design Secure.ly. Secure.ly is extremely lightweight secure and

portable and compatible on most of the popular operating systems. My solutions to the privacy

concern of the users will help primarily the small to medium scale business internal and

communication as the user data except the login credentials will be erased as soon as the session

ends.

4
 INDEX
Abstract 3
Index 4
List of Figures 6
List of Tables 7
List of symbols/Abbreviations 8
CHAPTER 1: INTRODUCTION 10

1.1 Background 10
1.2 Organization of the report 11

CHAPTER 2: TECHNOLOGY STACK AND BACKGROUND THEORY 12

2.1 Process 12
2.2 Theory For RSA 15
2.7.1. RSA Key generation Algorithm 16
2.7.2. Encryption algorithm 16
2.7.3. Decryption algorithm 17
2.7.4. Pseudocode for RSA 17
2.7.5. Notes on Practical application 18
2.3 Transmission Control Protocol 18
2.3.1. A TCP Connection 19
2.3.1.1. Connection establishment 19
2.3.1.2. Data Transfer 19
2.3.1.3. Connection Termination 20
2.4 User Datagram Protocol 21
2.5 Internet Ports 21
2.6 Internet Sockets 21
2.7 Python 22
2.7.1. List of Python Library used 22
2.8 Cloud computing 23
2.9 Virtual machine 23
2.10 Internet of things 24
2.11 Technology Stack 24
CHAPTER 3: USE CASES & FUTURE DEVELOPMENTS 29
3.1. Use Cases 29
3.1.1. Use in corporate internal communication 29
3.1.2. Use in corporate external communication 29
3.1.3. Use is Discussion Forums 29
3.1.4. Use in communication between IoT devices 29
5
 3.1.5. Medical Consultation Chat 30
3.2. Advantages 30
3.3. Disadvantages 31
3.4. Future developments 32
3.4.1. Media Support 32
3.4.2. AES-RSA Hybrid Encryption 32
3.4.3. Support for Private Chats 32
3.4.4. Integration for TOR 32
3.4.5. Integration of Bots 32
3.4.6. Integration of IoT Devices 33
CHAPTER 4: DISCUSSION ON IMPLIMENTATION AES, TOR & CHATBOTS 34
4.1. AES-256 implementation 34
4.1.1. Operation of the algorithm 34
4.1.1.1. Byte Substitution 34
4.1.1.2. Shift Rows 35
4.1.1.3. Mix column 35
4.1.1.4. Add round key 36
4.1.2. AES-256 cryptography over RSA-1024 37
4.1.3. Side notes on practical use 37
4.2. The Onion Routing 40
4.2.1. Implementation 40
4.3. Chatbots 41

CHAPTER 5: FEATURE COMPARISON OF SECURE.LY WITH OTHER SIMILAR

APPLICATIONS 42

5.1 Comparison 42

CHAPTER 6: SUMMARY 43

6.1. Summary 43
6.2. Market analysis 43
6.3. Risk Assessment 43
6.4. Cost analysis 44
6.4.1. Specifications 44
6.5. Project Planning 45

References 46

6
 LIST OF FIGURES

Figure no. Description Page no.

2.1 Flowchart of the process of the client-side application 13
2.2 Flowchart of the process of the server-side application 14
2.3 Ideal networking for the application 15
2.4 Timing Diagram of TCP Connection 20
2.5 A TCP Segment format 20
2.6 An UDP segment format 21
2.7 Technology Stack 24
2.8 Secure.ly client-side in windows system asking for IP Address 25
2.9 login/registration window in Windows system 25
2.10 Chatting between two person in Secure.ly 26
2.11 Server-side application for windows server getting cypher-text 26
2.12 Secure.ly client-side in Linux System asking for IP Address 27
2.13 login/registration window in Linux system 27
2.14 Chatting between two person in Secure.ly Linux system 28
2.15 Server-side application for Linux server getting cypher-text 28
4.1 Simulation of AES-256 encryption for plain-text 36
4.2 Simulation of decryption in AES for plain-text 37
4.3 Flowchart of encryption for AES-256 algorithm 38
4.4 Flowchart of decryption of AES-256 algorithm 39
4.5 simple TOR network 40
6.1 Gantt chart 45

Table 0.1: List of figures

7
 LIST OF TABLES.

Table
Description Page no.
no.
0.1 List of Figures 06
0.2 List of Tables 07
0.3 List of Abbreviations & Symbols 08
4.1 Example of 128-bit data as an AES block before and after byte substitution 34
4.2 S-table for AES 35
4.3 Example for shift row operation in the state-matrix 35
4.4 Example of mix column operation of AES-256 35
5.1 Feature Comparison 42
6.1 Details of Project Planning 45
Table 0.2: List of Tables

8
 LIST OF ABBREVIATIONS AND SYMBOLS
Abbreviation/ Full-form/Name Description
Symbol
RSA Riverman-Shamir-Adleman Asymmetrical-Shared-key cryptographic
Algorithm
CNT Connect Connect sign in TCP/UDP
SRV Server Remote Computing machine that provides
internet services
ACK Acknowledge A response to a message received used in
internet protocols
LIN Log In Unique information for re-using an internet
service
REG Register Giving unique information about the user
of a service for the first time
WNDW Window A component of a GUI
GUI Graphic User Interface A Graphical interface for end users for ease
of using a software.
CLI Command Line Interface A non-graphical interface for end users in
which the user needs to give commands to
interact with the computing device.
USRNM Username A part of a unique identifiers set which is
publicly available.
PASS Password/Passphrase A part of a unique identifiers set which is
private
BTN Button A component of GUI
DAT Data Raw Information/Not-processed
information
OSI Open System A 7-layered protocol model for connecting
Interconnection two or more computing devices.
PUB0 Public Key The Key of the 1st client which is public
PUB0 Public Key The Key of the 2nd client which is public
PVT0 Private Key The Key of the 1st client which is secret
PVT1 Private Key The Key of the 2nd client which is secret
MSG Message A concise information for communication
in text format
DCNT Disconnect Disconnect sign in TCP/UDP
TCP Transport Control Protocol Protocol that defines a standard to
communicate with application to IP
IP Internet Protocol Protocol used for relaying datagrams across
the network boundaries
UDP User Datagram Protocol Protocol used for relaying low-latency and
lossy datagrams between applications and
internet
no. Number A system of counting
OS Operating System A software that interact between the user
and the hardware of a computer
UNIX/UNICS UNiplexed Information and A multi-tasking powerful, Multiuser,
Computing System popular OS released in 1969

9
PKCS#1 Public Key Cryptography Provides basic definitions and
Standard #1 recommendations for implementing RSA
algorithm
DLL Dynamic-Link Library Microsoft's implementation of the shared
library concept in the Microsoft Windows
IaaS Infrastructure as a Service Type of service provided by a Cloud
Platform
PaaS Platform as a Service Type of service provided by a Cloud
Platform
SaaS Software as a Service Type of service provided by a Cloud
Platform
VM Virtual Machine Emulator of a computing device running
over another set of hardware and OS
PSF Python Software non-profit corporate, that holds the
Foundation intellectual property rights of Python
IoT Internet of Things A network of Connected devices also called
‘things’ communicating between each other
to provide smart services to the end users
Sysadmin System Administrator The person responsible for handling cloud
services and maintenance of it.
SSH Secure Shell Protocol Successor of telnet protocol, It is a protocol
for getting remote control over the CLI
SQL Structured Query Language A language designed for designing and
manipulating a database
DB Database A file system for storing data in a
structured way
TOR The Onion Router An Open-Sourced software for enabling
anonymous communication by directing the
data packets through a worldwide overlay
network.
AES-256 Advanced Encryption A symmetric-shared-key cryptography
Standard algorithm
NLP Natural Language Machine learning algorithms that interacts
Processing between computer and human language to
understand the ‘context’ behind the
sentences.
DES/3DES Data Encryption An algorithm that was initially developed at
Standard/Triple Data IBM and was earlier used in encrypting the
Encryption Standard government classified information.
NLP Natural Language Machine Learning Algorithm that is trained
Processing to respond to queries by humans by
understanding the context behind it.
ASCII American Standard Code Character encoding standard for computers
for Information Interchange
UTF-8 Unicode Text Format of 8- Character encoding standard for computers
bits
ϕ phi A Greek alphabet for denoting
mathematical function.
Table 0.3: List of abbreviations/symbols used.

10
 CHAPTER 1
INTRODUCTION

1.1 BACKGROUND

Privacy has become a major concern for small businesses and the customers of certain services.
Technology giants like Facebook and Google records most of the user activities and uses them
to push relevant to the user advertisements and can generate accurate results of most of the
likes, dislikes, friend circle, political ideologies, medical history, message conversation etc.
Facebook along with Cambridge Analytica, used user’s data without consent to push tailored
advertisements pursue their users for political advantages in presidential elections in USA
twice and allegedly in Brexit Referendum[1]. Data breach scandal of Google+ (previously
named Google Buzz later renamed to Google Currents) which led to leak 500,000 user’s private
data and compromised 52.5 million private account of Google users like username and
password, this led Google to shut down the services of Google+ for free user accounts[2].

All these example has taught us that private information is very sensitive and is very dangerous
if fallen in the wrong hands. The recent changes in the privacy policies of WhatsApp have
allowed the business account to retain information about the conversation of between customer
and the businesses, small businesses may not have a proper data security and can potentially
become a hub for stealing user and the business data from the chats. So, I created a secure end
to end encrypted chatting application named “Secure.ly” that will help the small, medium and
large businesses to get connected to their customers when needed, Secure.ly is easy to use,
portable, and compatible in almost all the popular operating systems, fast and can work under
very low resources (Applies for both the client side and server side), Multimedia can also be
sent via Secure.ly. Secure.ly uses 2048-bit RSA algorithm to encrypt the text data and has a
simple to use Graphics User Interface. Click to run nature in Windows OS no installation
needed. It can also be used in very low latency networks. Corporates can easily integrate a
chatbot to reduce the workload of the employees

11
1.2 ORGANIZATION OF THE REPORT

I have used Python 3.8 in Linux environment for writing the software apart from that I have

also used Tkinter GUI python library for making the GUI model of the client side of the

software, 1024-bit-RSA private and public keys are generated using RSA library of python. I

have also written four user defined libraries for making the GUI models for login/register

window and GUI models for the chat room. The server side of the code uses Time, socket and

database libraries for receiving and sending the data, the user’s login credentials are stored in

database on the server. Using this application has some advantages and disadvantages which

will be discussed later in the report.

This report shows the design and coding of the chatting application and improvements made

over time. The report will also discuss about the use cases and comparison of existing

chatting/social media applications with Secure.ly.

This report comprises of 6 chapters. Starting from the introduction of the project, The second

chapter describes about the technology stack used and the theory of different existing

technologies used in the project. The third chapter discusses about the use cases, advantages

and disadvantages of using Secure.ly and future development of the application. The fourth

chapter discusses about implementation of more technologies in the future developments in the

application. The fifth chapter compares Secure.ly with different social media/chatting

applications. Lastly in the sixth chapter, risks, cost analysis, and market analysis are described.

The weekly planning of the project is also provided as a grant chart.

12
 CHAPTER 2

TECHNOLOGY STACK AND BACKGROUND THEORY

2.1 Process:

Secure.ly is written using python 3.8 which uses RSA python library version 4.2, and sockets

library. The client side of the first asks the user the IP address of the server, when the user

inputs the IP address, the client software sends a TCP/UDP ‘connect’ sign packet to the server

on port ‘12345’, the server side of the application respond with an acknowledgement. Upon

receiving the acknowledgement, the GUI model opens on a new tkinter window. The Log in

or register window, either signs up the user credential and sends to the server or sends the log

in credentials to the server database, if the user is found to present in the server database then

the server will send another acknowledgment sign and the log in window will be closed and

the main chat room GUI will start, while logging in a set of 1024-bit RSA public key and

private key is generated. The public key was sent to the server and the server send this key to

all the other clients present. The user then types a message on the text box and clicks on the

send button which is encrypted using the public key of the user who started the session and the

message appears on the chat thread as well with timestamps. The cypher-text then travels to

the server via TCP/UDP protocols. Receiving the cyphertext the sends the other client

connected to them via same TCP/UDP protocols. The other client receiving then them decrypts

the cypher text using the private key and shows it on the chat thread with name and time stamps.

The time stamps on the other hand is taken from the system time using python ‘time’ library.

The detailed process is visualised further in the fig 2.1 for client-side and fig 2.2 for the server-

side, the ideal networking scenario is provided in figure 2.3 and the technology stack is

provided in the figure 2.7.

13
Fig 2.1: Flowchart of the process of the client-side application.

14
Fig 2.2: Flowchart of the process of the Server-side application.

15
 Fig 2.3: Ideal networking for the application

2.2 Theory For Riverman-Shamir-Adleman Algorithm:

RSA is an asymmetric, non-secret cryptographic algorithm widely used to encrypt or decrypt

data. It basically uses the difficulty of factoring a very large integers. It is generally used to
encrypt data and sign digital documents. RSA works by generating two very long (usually 512-
bit but 1024-bit is considered secure) integers and publishing one number (or key) while
keeping the other a secret. The algorithm was invented in 1977 in MIT by a group of three
researchers named Ron Rivest, Adi Shamir and Len Adleman. The algorithm is named after
the researchers initials R(Riverman)-S(Shamir)-A(Adleman) [3]. The highly secure algorithm
was actually based on the ideas and techniques of Clifford Cocks who first stated in 1973 that
a secure cryptographic technique should be based on two factor one which encrypts the data
which is available to the public and another that is kept a secret and will decrypt the contents
of cypher text [4]. RSA algorithm replaced the previous Diffie-Hellman algorithm which was
a symmetric cryptography technique it showed that encryption should be a one-way trapdoor,
if the data is once encrypted which should be easy to compute by the sender using a key it will
be very difficult to decrypt without that particular key [5]. Although Diffie-Hellman algorithm

16
was highly secure but it posed two problems for the users, the users of the algorithm need to
share the private key to encrypt or decrypt the data this was achieved by either physically
meeting the person before sending data, or sending the keys via a network. Both the ways were
pretty inefficient. The other problem was the sender or the receiver have to keep track of all
the keys of different receiver or sender respectively which was a headache for users who
communicate with large groups like a corporate. RSA addressed both the problems faced by
the Diffie-Hellman algorithm by generating a set of private key and public key so that the
receiving user could first send the public key to all the senders to encrypt the data keeping only
the private key as a secret to decrypt the cypher text [6]. Thus, allowing the receiving user of
RSA to keep only a keys secret and publishing the public key to anyone who wishes to send
data to the receiving user.

2.2.1 RSA Key generation algorithm: The keys are generated using two large and random
prime numbers ‘p’ and ‘q’ which are not close to each other p and q should be of the length,
such that their product ‘n = pq’+ is exactly of the length of the bit length of the size of
encryption 1024-bit in this case, ‘n’ is called the modulus, next we calculate the Euler’s totient
of p and q which is denoted by ‘ϕ(n)’ now ϕ(n) = (p-1)(q-1). Next we choose a random number
‘e’ called encryption exponent in the range of 1 < e < ϕ(n)&, such that GCD(e, ϕ(n)) = 1ϯ. Next
we compute the secret component which is the decrypting exponent denoted by ‘d’ in the range
1<d<ϕ(n), such that the ed ≡ 1*mod ϕ(n)!. The public key is (n,e) and the private key is (n,d)
p and q are also kept a secret.

2.2.2 Encryption Algorithm: Encryption is the standard means of rendering a communication

private. The sender enciphers each message before transmitting it to the receiver only the
authorised receiver can decipher the message received any eyedropper trying to listen to the
message hears only the garbage (the cyphertext) [7]. In RSA algorithm encryption is done using
the public encryption key (n,e). Suppose to encrypt a message ‘M’ in plain text, first represent
the message into as an integer between 0 and n-1. If the message value is larger than n then
break the message into a series of blocks, then represent it as positive integers$. It could be
encoded in ASCII or UTF-8. The purpose here is to encode the message to numeric form so
that it can be encrypted. Let us denote the plaintext M which is represented in numeric form as
‘F’, the algorithm then encrypts F by c = Fe mod n, ‘c’ is the ciphertext. And then sends it to
the receiver

17
2.2.3 Decryption Algorithm: Decryption is the method of deciphering a private message by
the authorised person to human readable format. The authorised person here means the person
whom the sender meant to send the message to. The authorised person here must have the set
of private key (n,d) for deciphering the message ‘c’. For decrypting the ciphertext ‘c’ the
algorithm computes ‘F’ using the function F = cd mod n this extracts the plaintext encoded in
numeric form, the original message is then decoded using the same system as ‘ASCII’ or ‘UTF-
8’ format and the plaintext ‘M’ is obtained [7]

2.2.4 Pseudocode for RSA: A pseudocode is a plaintext format to written for the coders and
developers to make them understand the algorithm more precisely.
//key generation pseudocode
Input k (required modulus for bit-length)
e = 3,5,17,257,65537
repeat
(p, q) genPrime(k/2)
until(p mod e) ≠ 1
N  pq
phi  (p-1)(q-1)
d  modinv(e,phi)
return(N,e,d)
//encryption
(n,e)  fetchPubKey()
Input M
If M>n
(M0,M1,…,m)  breakStr(M-n)
F = encode(M0,M1,….,m)
c = (F)^e * mod(N)
send(c)
//decryption
(N,d) = PvtKey()
c = fetchCipher()
F = cd *mod(N)

18
2.2.5 Notes on practical application: The theory of RSA described above may not be used in
the real-life application as the computation power has increased the RSA has also evolved into
a stronger algorithm to path the vulnerabilities. I have marked with some symbols above to
make the notes here.

‘+’ To generate the prime number of number of bit length ‘k/2’, where ‘k’ is the required bit-
length of the modulus ‘n’ we usually use the Rabin Miller test.

‘Ϯ’ In practice, common values of ‘e’ are 3, 5, 17, 257 and 65537. These particular values are
chosen to minimise the computation time for exponentiation operation.

‘!’ To compute the value of ‘d’ we use the Extended Euclidian Algorithm to calculate d =
(1/e)mod ϕ(n). This is known as Modular Inversion. It is not integer division

‘$’ When representing the plaintext octets as positive integers, it is necessary to add random
padding characters to make the size of the integers large and less susceptible to attacks [9]. For
more details on representing plaintext octets as suitable integers, see PKCS#1 Scheme in the
references below.

‘&’ The original definition of RSA uses Euler totient function ϕ(n) = (p-1)(q-1). More recent
standards uses Carmichael function, λ(n) = lcm(p-1,q-1). λ(n) is smaller than ϕ(n) and divides
it. The value of d’ computed by d’ = (1/e)mod λ(n) is usually different from d = (1/e)mod ϕ(n), but the
end result is always same, using both function one can decrypt the message.

Key length of 512-bit is no longer considered secure. Standard RSA uses 1024-bit to encrypt

2.3 Transmission Control Protocol:

Transmission control protocol or TCP is a connection oriented, reliable protocol. It uses a
combination of GBN and SR protocols to provide reliability, it clearly defines connection
establishment, data transfer, a connection teardown phases to provide a connection-oriented
service. TCP uses checksum for error detection and retransmit lost or corrupted packets by the
use of selective acknowledgements and timers, this results in the lengthening of latency[10].
TCP also provides process to process communication using port numbers like Secure.ly.

TCP was first described by Vint Cerf, Bob Kahn and Carl Sunshine describing the
internetworking protocol for sharing resources using packet tracing among network nodes in

19
their publication Specification of Internet Control Program in Dec 1974 [11], they were
awarded the prestigious Turing award for their foundational work on TCP/IP in 2004 [12].

2.3.1 A TCP Connection: TCP is connection oriented; it provides a communication service at

an intermediate level between an application program and the Internet Protocol. It
provides host-to-host connectivity at the transport layer in the OSI Model. TCP protocol
operation maybe divided into three parts:

2.3.1.1 Connection establishment: The connection establishment in TCP is called the Three-
way handshake. Before a client attempts to connect to a server, it must bind and listen
at a port (passive open). A client may establish a connection by starting an active open
using the 3-way handshake:
1. SYN: the active open is performed by the client-side system sending a SYN
to the server-side system. The client send a random sequence of number ‘N’
2. SYN-ACK: In reply, the server sends a SYN-ACK, which is one more than
SYN, ‘N+1’. And the server chooses another random number ‘M’ to the
client
3. ACK: Finally, the client, on receiving SYS-ACK, responds with ACK
which is set to one more than the receiving sequence ‘M+1’.

Step 1 and 2 establishes and acknowledges the sequence number for client to server
connection and step 2 and 3 establishes and acknowledges the number of server to client
connection, therefore ensures a full-duplex communication is established. This
sequence is visualized in fig 4 [13]

2.3.1.2 Data Transfer: After the connection is established the data transfer is can take place
in both the direction, the acknowledgment is sent along with the data. TCP has many
features in data transmission, such as
• Ordered Data transfer: The destination host rearranges segments according to a
sequence number[14]
• Retransmission of lost data: Any sent data not acknowledged back to the sender
in a specific duration of time is resent again.[14]
• Flow Control: If the buffer of the receiving end fills it ask the sender to stop to get
the received data processed and free the buffer space.[14]
• Error free data transfer: Uses checksums to detect errors or corrupted data[15]

20
 • Congestion control: uses timestamps and Karn’s algorithm to prevent congestion.
[14][16]
2.3.1.3 Connection Termination: The connection termination phase uses a four-way
handshake, with both the sides ending the connection independently. Any of the side
sends a FIN packet, to which the other side acknowledges with a ACK. After the side
who sent the first FIN has responded with the final ACK, It waits for a time out before
finally ending the connection.[13]. A sample TCP connection is visualized in fig 2.4.
and the TCP packet is visualized in figure 2.5

Fig 2.4: Timing diagram of TCP Connection

Fig 2.5: a TCP segment

21
2.4 User Datagram Protocol:

UDP is a simple message-oriented protocol residing in the transport layer of the OSI model
which provides simple connectionless communication with minimum of protocol mechanism.
It doesn’t guarantee packet delivery that is why UDP is often called Unreliable datagram
protocol[26]. UDP uses checksums to provide data integrity, it is generally used in time
sensitive applications where the priority is not the loss of a few packets but the time delay
should be minimal[26]. UDP was designed by David P. Reed in 1980[27]. A UDP sample
packet is visualised in fig 2.6.

Fig: 2.6: UDP segment format

2.5 Internet Ports and Port Numbers: A port is a communication endpoint. Within an
operating system a port is a logical construct that identifies a specific process or network
services. A port is identified for each transport protocol and address along with a 16-bit
unsigned number called port number.

Port numbers is a 16-bit unsigned inter, ranging from 0 to 65535, used to provide process-to-
process communication in the transport layer of OSI model Secure.ly uses port no. 12345 for
all communication [18]. In this project we use port ‘12345’ also called ‘iTalk Chat System’[20]

2.6 Internet Sockets: Socket interfaces is a set of instructions that provide communication
between the application layer of the OSI model and the OS, it is a set of instructions that is
used to communicate between one process to another process. The idea of sockets was given
in early 1980’s at UC Berkeley as a part of UNIX environment[19].

22
The communication of between a client process and a server process is actually a
communication between two sockets created at two ends, the client think that the socket is the
system take requests and gives a response and the server thins that the socket has a request and
needs the response. If the two sockets are configured at the server and client ends along with
the port no. and IPs is defined correctly, the available set of instructions could be used to send
and receive data in both the ends, the rest is the responsibility of the OS and the TCP/IP
protocols.[21]

2.7 Python:

Python is an interpreted, interactive, object-oriented, high-level, open-source programming

language written in C by Guido van Rossum at Centrum Wiskunde & Informatica in
Netherlands[22]. As of now the latest release of python and in which this program is written is
python 3.9.2[23]. Python is the choice of many programmers for its backwards compatibility,
extensive list of libraries, good community support and ease to code. Python is although slower
compared to other compiler-based programming languages.

2.7.1 List of Python Library used:

As said earlier python has an extensive list of libraries and has backward compatibility for older
languages like C/C++ to build Secure.ly, the libraries used are as follows.

1. RSA: used in the client side only. RSA v4.7.2 provides pure-Python RSA
implementation, it is used to generate keys and encrypting and decrypting data using
PKCS#1 scheme, written most by Sybren A. Stüvel. It is an open-sourced library
licenced under Apache license 2.0[24].
2. CTYPES: ctypes is a very popular foreign function library for python, it is used to
provide C compatible data types, and allows calling functions in DLL files or shared
libraries. This library is used in the client side only. It is a python standard library and
the current version is v3.9.2 licensed under PSF[25].
3. SOCKET: Low-Level network interface. This library provides access to the BSD
socket interface, available in all modern Unix, Windows and MacOS system. The
python interface is a straight forward transliteration of the Unix system call and library
interface for sockets to Python object-oriented style. It is used in both the server and
the client side of the application. The current version is v3.9.2 licensed under PSF [25].

23
 4. Python-TK: Python-tk or tkinter package is the standard Python interface to the Tk
GUI toolkit. Used only in the client-side, supported by most UNIX and Windows
system. Tk is maintained by at Active State. Current version is v3.9.2[25].
5. TIME: The python time package provide system time and date to the program; it also
has a delay and sleep functions used in both server and client of the application.
6. SQLITE3: Used only in the server side of the application, this package interact with
the user database present in the server side to store the login credentials of the
application. SQLite3 is a C library that provides a lightweight disk-based database that
doesn’t require additional a separate server processing.[25]
7. THREADING: Thread-based parallelism. Used only in the client side of the
program[25].

2.8 Cloud Computing:

Cloud computing is a transformative computing paradigm that provide applications and

services over the internet. Cloud computing involves provisioning computing, networking and
storage resources on demand in a pay as you go model. The process of provisioning resources
is automated and users are assigned virtual resources that run on top of the physical resources’
hardware [28]. Cloud computing services are offered in different forms such as:

i. Infrastructure-as-a-Service: IaaS provides users computing, storage resources as

virtual machine (VM) instances and virtual storage. Users can start, stop, delete,
configure their instances and storage, users can also deploy OS and application of their
choice and are billed as pay-per-use models[28]
ii. Platform-as-a-Service: PaaS provides the users the ability to develop and deploy
application in the cloud using APIs, dev tools, libraries, and services provided by the
cloud service provider. While the underlying infrastructure, OS and networking is
managed by the cloud provider.[28]
iii. Software-a-Service: SaaS provision the user a complete software application or the
user interface to the application itself. The cloud service provider manages and
configure the infrastructure, OS, network, storage, and the application software.
Application is served using a thin client interface such as a web browser.[28]

2.9 Virtual Machines:

A virtual machine or VM is an emulation of a physical computer system[29]. A VM was

originally defined by Popek and Goldberg as an efficient and isolated duplicate of a real
24
computer[29]. A VM uses runs over a ‘host’ OS then emulates an isolated environment to run
specific application or OS(s). It is widely used to play retro games, emulate runtime
environment or start a virtual machine instance on a physical server.

2.10 Internet of Things:

IoT can be defined as a dynamic global network of infrastructure with self-configuring

capabilities based on standard communication protocols, where physical and virtual ‘things’
have identities, physical attributes and virtual personalities, which uses intelligent interfaces,
and are seamlessly integrated into the information network often communication data
associated with users and their environment. [7]

2.11 Technology Stack:

Fig 2.7: Technology Stack

25
Fig 2.8: Secure.ly client-side in Windows System asking for IP Address

Fig 2.9: login/registration window in Windows system

26
 Fig 2.10: chatting between two people in Secure.ly in windows system

Fig 2.11: Server-side application for Windows server getting cypher-text.

27
Fig 2.12: Secure.ly client-side in Linux System asking for IP Address

Fig 2.13: login/registration window in Linux system

28
 Fig 2.14: Chatting between two person in Secure.ly in Linux system

Fig 2.15: Server-side application for Linux server getting cypher-text.

29
 CHAPTER 3
USE CASES & FUTURE DEVELOPMENTS

3.1 Use Cases:

Secure.ly is an end-to-end encrypted chatting software written in python environment. The idea
of this software came from different other popular social media and chatting application like
‘reddit’, ‘4-Chan’, ‘WhatsApp’, ‘discord’, ‘slack’, etc. Some of the use cases of this software
that I can think of are:

3.1.1 Use in Corporate Internal Communication: Big, medium, and small sized corporate
pay hefty amount of money to companies like ‘Slack’ for their internal communication. Most
of the 3rd party software which provide internal communication are not private to the admin
and pose a privacy issue, more of all the services provided are run over the 3rd party’s server
and the information stored is not encrypted, if an attack or data leak happen in the 3rd party’s
side a lot of private information could be leaked. Secure.ly as a software could be run over the
company’s server which will be encrypted and retain no private communication data. So, that
even if the company’s server gets compromised no data could be leaked.

3.1.2 Use in Corporate External Communication: Corporates often rely on application like
‘WhatsApp’ to communicate with customers for customer services, Although it is end-to-end
encrypted but ‘WhatsApp’ recent privacy policy change states that the Businesses can retain
the customer’s messaging data for their internal use which is violation of privacy for many
users. Small to Medium sized businesses often are negligent of the security of their data
protection which can cause data leaks. Using Secure.ly solves this problem by purging this data
after use so data can’t be compromised.

3.1.3 Use in Open Discussion Forums: Open discussion forums like ‘4chan’ do not keep track
of the user information but it is not end-to-end encrypted untagged data could be leaked.
Secure.ly can provide this kind of services if the server IP address is made public.

3.1.4 Use in communication between IoT devices: IoT devices carry a lot of private
information of the user, IoT devices are the most vulnerable to attacks which results in data
leaks or the inability to control the device itself, or the attacker may even track the user.
Secure.ly with a little modification on the client-side can be used inside the IoT devices to
communicate between device to device or between device to user. The server-side doesn’t

30
retain any data from the devices and the only the device or the user itself running the client side
can control the data. This is a probable solution of the IoT infrastructure.

3.1.5 Medical Consulting chat: Many start-up companies are emerging to consult a doctor
online using chat or call or a video call. In this pandemic situation when most of the corporates
have shifted to home remote, but in the case of health care workers are the most vulnerable
person. If the patient and doctor could chat in this private application then it will be beneficial
for both the parties’ doctors could make sure that he/she/them is protected from the infection
and patient don’t have to go out of their home to which slow the spread of the infection. Health
information is always private and he start-ups like these mostly do not have end to end
encryption which could lead to data leaks and exposing thousands of health information over
the internet. Using secure.ly in this case will provide end to end encryption and the no data
logging feature will prevent ant data leaks from happening.

3.2 Advantages:

• Simple to use: The application GUI is simple use from the both server and client side,
the user using it do not need any special install to install the program, The application
is click to run in windows system and one command to run in Linux systems.
• Small Size: The application size is very small users do not need to download large files
from the internet to use it.
• Compatibility: The application is currently supporting most Windows and Linux
system i.e.; the application is cross-platform and communication could be established
from both the sides using different operating systems
• Low Internet Use: Secure.ly uses limited bandwidth of the user’s internet, So users
having very low-latency can also easily participate in the chats.
• Low server running and maintenance cost: Secure.ly can even be run on a raspberry
pi server, which can cut the monthly costs largely, If the user wants they can use very
servers with very low computing power as the application is light-weight.
• End-to-End Encryption: As discussed earlier the application uses RSA algorithm to
encrypt and decrypt the messages sent. The server retains no information sent or
received by the user.
• New Key generation: A pair of new keys are generated each time the client-side
application is started

31
• Owning the server: The corporates can use the service by setting up the server of their
own. Server side of the application is easy and supported by both Windows server and
Linux Servers.
• Integration of Bots: Integration of bots is easy with a little change in the client side of
the application. It reduces the work load of the employees for customer service.

3.3 Disadvantages:

Although using this application has their advantages listed above but this application is in
beta stage and have quite a few drawbacks which are listed below:

• No Backups: Once the client-side is application is closed the chat history along
with the pair of RSA keys will be lost.
• User Information: Although the server don’t keep the messages but the user
information such as username and password are stored in a database and the
sysadmin can view this messages by using SQL queries. If the sysadmin see the
logs of the chat instance he/she can also view who is sending messages to whom in
the active SSH client.
• RSA is a slow: RSA algorithm is relatively slower compared to other cryptography
algorithms. The time complexity of RSA is O(n2). It is observed that as the size of
the private key length is directly proportional to the increase in time, the slope of
the time and size of private key is non-linear and exponential. This can be solved
using faster algorithms like AES-256. For more information refer to section 3.4.2
• No private chats: This application is in beta stage currently only supports group
chats private chats can only be enabled if only two person know the IP address of
the server. Although the users will be notified with a message will if someone joins
the chatroom. Private chats will be developed in the future please refer to the section
3.4.3 for more information.
• No Media Support: The current version of Secure.ly do not have the ability to send
documents, images, audios or videos files. This will also be added in the future
please refer to section 3.4.1 for more information.
• Exposed IP address: The whole point of making Secure.ly was to give the privacy
and security to the data but user’s location and computer specs could be found by
tracing the IP address of the user using a packet sniffing tool like ‘Wireshark’ this
can be avoided by shifting the whole communication to the onion router protocols

32
 or TOR. Although directing to TOR network will cause additional delay in message
delivery but the users will have the choice for using TOR or not using it.

3.4 Future Developments and plans:

The Secure.ly is designed keeping the privacy and security of the users and the data private at
heart. The application is currently in the beta stage and have large number of bugs and flaws,
Secure.ly also have many features missing, this section will address those flaws and will
discuss how I am planning to develop this application further.

3.4.1. Media Support: Media files is not supported currently in the application due to
complexity of the of encrypting large files using RSA. RSA as mentioned earlier is very
slow, instead I will be implementing AES-256 to encrypt and send media files in the chats
3.4.2. AES-RSA Hybrid Encryption: RSA-1024 is pretty good algorithm for end-to-end
encryption but it is pretty slow so using AES-256 algorithm will to make the encryption
and decryption process faster, AES-256 has a drawback, that the algorithm is symmetric-
key that means that the same key is used for encrypting and decrypting the data which could
potentially be vulnerable to attacks. This can be solved by using RSA to encrypt the keys
of AES, While AES encrypt the data, data being a file or just plaintext.
3.4.3. Support for private chats: Secure.ly currently do not support private chats only group
chats is possible. This can be avoided by keeping the IP of the server of the application
private for now. The next version of the application will have the ability to connect and
send messages directly to a particular user in a one-on-one chat room.
3.4.4. Integration of TOR: The application was made keeping privacy and security of the
users in heart, but a simple packet tracing tool can expose the user’s IP address, ISP,
location, etc. Integration of TOR will make packet tracing of the user harder by rerouting
the internet traffic in various layers of routers around the globe. TOR project is a free open-
source software which helps keeping the client-side of the application hidden by using
onion routing which bounces the internet traffic of the user randomly through various IP
addresses of other computers before delivering to the destination[30][31]. The integration
will result in slower delivery of messages so, there will be an option for the user to opt for
using TOR or not.
3.4.5. Integration of Bots: Chat bots come in handy in customer care chat support or trouble
shooting with slight changes in the client-side chat bots ca be integrated to reduce the work

33
 load. Although the chatbots will have to be pretrained as there will be no logs of the chats
to train later for the NLP algorithms.
3.4.6. Integration in IoT Devices: The future of IoT devices depends on the privacy and
security of the devices because to give smart services for example, reminding to take
medications before going to bed to the user, the Things have to rely on large amount of
user’s private data such as medical history or the user’s usual time to sleep. These data
should not be kept un-protected. Secure.ly can help this kind of problem by using a
modified version of Secure.ly’s client-side application to send and receive data in between
sensors, actuators and Thing’s communication over internet.

34
 CHAPTER 4

DISCUSSION ON IMPLIMENTING AES, CHATBOTS & TOR

4.1 Advanced Encryption Standard-256 implementation:

AES-258 or Rijndael Algorithm is a cryptography algorithm widely in use for data encryption
for protecting sensitive and unclassified documents. This algorithm is recommended by the US
National Institute of Standard and Technology (NIST) as a replacement for older DES/Triple
DES Algorithm[32]. AES is a symmetric-shared key system meaning same one key which is
of 256-bits is used to encrypt and decrypt the data. Rijndael algorithm was first proposed by
two Belgian researchers Dr. Vincent Rijemen of ESAT and Dr. Joan Daemen of Proton World
International[32]. The complexity of the AES-256 is comparatively lesser than the RSA and is
easier to encrypt media files. It consists of an initial round called Add Round Key and a counter
c = 14 for 256-bits of AES encryption. Then it will be followed by different operations as
shown in figure 4.1. The operation ensures the cyphertext can only be decrypted using the same
256-bit key to ensure privacy.

4.1.1 Operation of the algorithm:

4.1.1.1 Byte Substitution: this process is used for ensuring enough difficulty for linear and
cryptanalysis attacks. The plaintext data or the media file in hexadecimal is broken in 16-bytes
blocks which is represented by a 4x4 matrix (called state matrix) as shown in table 4.1 and is
then provided for the operation. Each cell of 1 byte in the state matrix is then substituted by
another byte using another lookup table called the S-table, let the actual byte in any of the cell
be ‘XY’ X and Y being the two digits of the hexadecimal data, the value of the XY will be
substituted by looking up the Xth row and Yth column from the S-Table provided in table 4.2
the S-table is standard.[32]

E4 07 25 30 69 C5 3F 04
AB CD EF FF 62 BD DF 16
Substituting Byte
12 34 56 D3 C9 18 B1 66
78 90 10 44 BC 60 CA 1B
Table 4.1: Example of 128-bit data as an AES block before and after byte substitution

35
 Table 4.2: S-table for AES

4.1.1.2 Shift rows: Shifting the rows in specific order causes diffusion over multiple rounds.
The 0th row is not shifted, the 1st row’s bytes are shifted by once to the left, the 2nd row’s
bytes are shifted twice to the left, and lastly the 3rd row’s byte is shifted thrice to the left.[32]
For example, see table 4.3

69 C5 3F 04 69 C5 3F 04
62 BD DF 16 BD DF 16 62
Substituting Byte
C9 18 B1 66 B1 66 C9 18
BC 60 CA 1B CA 1B BC 60

Table 4.3: example for shift row operation in the state matrix

4.1.1.3 Mix column: Also known as multiply columns this step multiplies the state matrix with
a standard matrixδ of the same dimensions (In hexadecimals) for producing the resultant state
matrix, refer to table 4.4 for details

02 03 01 01 69 C5 3F 04 76 97 31 D6
01 02 03 01 BD DF 16 62 0A D1 EF 88
01 01 02 03 B1 66 C9 18 E8 FB 2C F6
03 01 01 02 CA 1B BC 60 38 DB FB B6
Table 4.4: Example of mix column operation of AES-256

36
4.1.1.4 Add round key: In this step, the matrix is XOR-ed with the round key, the original key
is of 256-bits arranged in a 4x4 matrix of bytes. This matrix is expanded by 40 more columns
obtained another operation. Assuming the first four columns are W(0), W(1), W(2), W(3), then
the new columns are added iteratively (by recursion), Suppose columns up to W(i−1) are given,
then if i is not a multiple of 4, W(i)=W(i−4)⊕W(i−1). Also, if i is a multiple of 4,
W(i)=W(i−4)⊕T(W(i−1)) where T(W(i−1) is the transformation of W(i−1) obtained by the
following procedure.

This above four steps are repeated for 13 times for 256-bit encryption and a final round takes
place by operating all the steps above except mix column on the state matrix before giving a
cypher text. The AES can be made stronger to crack if a pseudo-random vector is added in the
process as initialization vector. Refer to fig 4.1 and fig. 4.2 for flowcharts of encryption and
decryption algorithm.

Fig 4.1: simulation of AES-265 encryption for plain text

37
 Fig 4.2: Simulation of decryption in AES for plaintext

4.1.2 AES-256 cryptography over RSA-1024: The AES is faster than RSA and is more
efficient in encrypting data (plaintext or media files) but the problem is that the AES is a
symmetric-shared-key algorithm so sending the key along with the data to the intended
recipients is not secure enough. So, encrypting the keys of AES in an asymmetric-shared-key
algorithm like RSA-1024 is ideal for this case, using the public key the AES-256 key is sent
along with the encrypted data in AES. The private key of the recipient can then be used to
decipher the key using RSA-1024 and eventually the data using AES-256 [34]. This hybrid
model will be implemented in secure.ly in the next update.

Side Notes

δ = If the result has more than 8 bits, the extra bits are not simply discarded: instead, they're
cancelled out by XORing the binary 9-bit string 100011011 with the result (shifted right if
necessary). This string stands for the generating polynomial of the particular version of
GF(2^8) used; a similar technique is used in cyclic redundancy checks.

38
Fig 4.3: Flowchart of encryption for AES-256 algorithm

39
Fig 4.4: Flowchart of Decryption of AES-256 algorithm.

40
4.2 The Onion Routing:
The onion router or TOR for short is an infrastructure for anonymous secret connection over
public networks. The connections are bi-directional, nearly real-time and strongly resistant to
eves-dropping and packet tracing[31]. Tor is open-sourced package readily available for Linux,
Mac OS, iOS, Android, ChromeOS, and Windows, In onion routing, the client to server and
server to client connection are not made directly using sockets, instead the application makes
a connection through a sequence of machines called the onion routers. The onion routing
network allows the connections to be anonymous by hiding the information of the initiator and
responder private to the eavesdroppers[31].
4.2.1 Implementation: TOR as an open-sourced software packages are already available for
most of the OSes. In the secure.ly’s program a PowerShell script for windows and a Bash Script
for terminal will be enough for implementing TOR. If Tor is already installed in the system.
Privacy will be stronger if the user wants to use TOR but the message delivery especially the
Media files will take significant amount of time. Although as previously mentioned it will be
given as an option to the user to user or not using TOR, TOR can sometimes can also be very
choppy in connection resulting in unstable and unreliable connection. See fig 4.5 for details.

Fig 4.5: simple TOR network.

41
4.3 Chat Bots:
Chatbots or chatting robots are a piece of software that can serve a user by understanding the
contexts and contents of a language of the user using NLP and responding properly to it. This
will help the medium to large scale corporates to reduce the workload of the customer care
employees by solving the problems small and simple problem such as order details or
cancellation of a subscription. The major drawback of chatbots is that in general it actively also
learns to get better in responding to the users which needs the chatting data to be stored, which
contradicts the fact being Secure.ly, the application is private and shouldn’t store any data. The
solution that I can think of is disabling the active learning in the NLP models of the chatbots.
And training the bots to get better should only be done using freely available training datasets.
Further research is required in this field for the problem and implementation could be done
using another server running the chatbot with the modified client to send and receive messages
could the solution for implementation of chatting bot.

42
 CHAPTER 5
FEATURE COMPARISON OF SECURE.LY WITH OTHER
SIMILAR APPLICATIONS

Secure.ly uses various technology and some more features will be implemented in the next few
updates. This section compares some of the similar and popular chatting applications with
secure.ly, the comparison is based on features the application provides, the data is sourced from
the open web and cannot verify the reliability of the same.

Secure.ly WhatsApp Slack Discord Messenger Instagram Reddit Signal Hangout Telegram

e2e Y Y N N N N N Y N Y

private chats N Y Y Y Y Y Y Y Y Y

group chats Y Y Y Y Y N Y Y N N
rd rd rd
Using 3 Using 3 Using 3
chatbots N Y Y Y N N Y
party app party app party app
PARTLY
source-code CLOSED CLOSED CLOSED CLOSED CLOSED CLOSED CLOSED OPEN CLOSED
OPEN
Using
charging Using private Using private Using private private
Charging
business for Charging for Charging for data to show data to show data to show data to
for more Donations Donations
model server- business APIs more features relevant relevant relevant show
features
side Adverts Adverts Adverts relevant
Adverts
Web,
Mac, Web, Mac, Web, Mac,
web,
Windows, Web, iOS, iOS, iOS, Linux, Web, Web, Web, Web, iOS, Linux,
compatibility android,
Linux Android Linux, Android, Android, iOS Android, iOS Android, iOS Android, iOS Android,
iOS
Android, Windows Windows
Windows
media
N Y Y Y Y Y N Y Y Y
support
One-on-
audio call N Y Y Y N N Y N Y
one
Video call N Y N Y Y N N Y N Y

Use-Cases P&B P&B B P P P P P P&B P&B

login
U&Pass PhoNo U&Pass U&Pass U&Pass U&Pass U&Pass PhoNo U&Pass PhoNo
Information
censorship None Report/Block None Report/Block Report/Block Report/Block Report/Block Report/Block None Report/Block
Personal Email Email
None PhoNo Email ID Email ID Email ID Email ID PhoNo PhoNo
data ID ID
Table 5.1: Feature Comparison

The comparison data is based on the current version of Secure.ly and the other application
mentioned and are subject to change.
Legends Used:
Y Yes Closed Closed-Sourced PhoNo Phone Number
Username and
N No P Personal Use U&Pass
Password
Open Open -sourced B Business Use Email ID Email Identity

43
 CHAPTER 6
SUMMARY

6.1 Summary:
In the connect world of today’s where any information could be found in a matter of seconds,
where most devices are connected to each other and constantly communicating with each other,
it is often hard for the consumers to keep their privacy in control, big tech corporates like
Google, Facebook and Microsoft often find loopholes in the ancient privacy laws a and exploit
the collected user data to either show adverts or improve their own products which results in
hard to keep track of the user’s personal data. Using Secure.ly application will not only help
staying anonymous on the internet but also will not store any data from the users. It is very
useful for internal and external communication of a corporate. As the application don’t store
any data except the log In credentials of the user there is no fear of attacks and data leaks.
Privacy in these day is utmost importance and for both corporates and individuals. Secure.ly
the application has the potential to contribute to solving the privacy concerns immensely.

6.2 Market analysis: The current version of Secure.ly is not production ready and needs
additional features and bug fixes to get into market secure.ly lacks many basic features which
are present in the competitor’s applications the future development plans are already mentioned
in chapter 3 in section 3.4 and chapter 4. The comparison of Secure.ly with other similar
applications also have been featured in chapter 5. The clients side application will be free and
available in the internet when it will be production ready, but the server side of the application
will be presented behind a paywall for the corporates who would like to implement software in
their own servers for a one-time fee, while the medium sized businesses who would like to get
the software as a service and cannot afford to get cloud infrastructure will be charged monthly
or yearly for the service running on our servers the application will be ready for production.

6.3 Risk assessment: Before getting into production Secure.ly have to compliant with the
standards given by IETF (Internet Engineering Task Force). There are standard Python libraries
readily available for use in cryptography that meets these standard set by IETF. The software
will be treated with harsh cryptanalysis algorithms to make sure of potential bugs that might
make it vulnerable for attacks before publishing it for production.

44
6.4 Cost Analysis: The Cost of running Secure.ly’s services over the cloud platforms can vary
on the service provider for IaaS. The application is very lightweight and the VM compute
Instance required to run the server-side is depended on how many person uses the service in a
point of time. For the sake of estimation, I consider a situation of 3 users chatting on the
application plus a chatbot running on another server.

6.4.1 Specification:

• Server-side (Minimum):
• VCPUs – 1
• Memory – 512 MB
• Storage technology: Hard Disk Drive (Throughput Optimized)
• Storage capacity – 30GB
• Operating System – Ubuntu Server 20.04 LTS/Windows Server(Extra Charges)
• Networking – Up to 5-Gigabit ethernet
• Reserved Static IP: IPv4
• Running cost:
▪ AWS: $54.84/yr. for Mumbai region without taxes.
▪ GCP: $78.48/yr. for Mumbai region without taxes.
• Server-side (Recommended):
• VCPUs – 2
• Memory – 1 GB
• Storage technology: Static State Drive (SSD)
• Storage capacity – 100GB
• Operating System – Ubuntu Server 20.04 LTS/Windows Server(Extra Charges)
• Networking – Up to 100-Gigabit ethernet
• Reserved Static IP: IPv4
• Running cost:
▪ AWS: $246.96/yr. for Mumbai region without taxes.
▪ GCP: $555.6/yr. for Mumbai region without taxes.
• Client-Side (Minimum):
• CPUs – 2
• Memory – 2GB
• Storage Technology – HDD
• Storage Capacity – 256 GB
• Operating System – Ubuntu 20.10/Windows 10
• Network: 100 Kbps bandwidth.
• Client-Side (Recommended):
• CPUs – 4
• Memory – 4GB
• Storage Technology – SSD
• Storage Capacity – 512 GB
• Operating System – Ubuntu 20.10/Windows 10

45
 • Network: 1-5 Mbps bandwidth.
The above calculation is done using the AWS and GCP pricing calculation pricing may vary
largely on the region and taxes and system types. The minimum specs calculation of the
application for client process is only tested in Windows 10 using task manager not tested in
Linux Environment.
6.5 Project Planning:
Activity Starting Weeks Number of weeks Success or not
rd
Ideation of Project 3 week of Dec 2020 1 NA
Started coding 4th week of Dec 2020 2 True
Secure.ly v0.1 1st week of Jan 2021 1 True
implementation of 2nd week of Jan 2021 2 True
RSA
implementation of 4th week of Jan 2021 4 False
inserting media files
Secure.ly v1.0 4th week of Feb 2021 1 True
GUI implementation 4th week of Feb 2021 1 True
Literature Review 1st week of Mar 2021 1 True
Securely v1.1 2ndweek of Mar 2021 1 False
Started Documenting 3rd week of Mar 2021 2 True
Support for windows 1st week of Apr 2021 1 True
Finalized Report 3rd week of Apr 2021 1 True
Table 6.1: Details of the project planning.

Fig 6.1: Gantt chart

46
References

[1] The New York Times (Facebook-Cambridge Analytica Scandal)

[2] The Wired.com (Google+ Data Leak)
[3] R. L. Rivest, A. Shamir, and L. Adleman. 1978. “A method for obtaining digital
signatures and public-key cryptosystems”. Commun. ACM 21, 2 (Feb. 1978),
120–126.
[4] Cocks, Clifford C. "A note on non-secret encryption." CESG Memo (1973).
[5] R. L. Rivest, A. Shamir, and L. Adleman. 1978. “A method for obtaining digital
signatures and public-key cryptosystems”. Commun. ACM 21, 2 (Feb. 1978),
120–126. <Link>
[6] R. L. Rivest, A. Shamir, and L. Adleman. 1978. “A method for obtaining digital
signatures and public-key cryptosystems”. Commun. ACM 21, 2 (Feb. 1978),
120–126. <Link>
[7] R. L. Rivest, A. Shamir, and L. Adleman. 1978. “A method for obtaining digital
signatures and public-key cryptosystems”. Commun. ACM 21, 2 (Feb. 1978),
120–126. Page 3-4 <Link>
[8] A. Bahga, V. Madisetti. “Internet of Things, A hands-on Approach”. University
Press (2014) ISBN- 978-0996025515, page 22
[9] RSA Laboratories. PKCS #1 Cryptography Standard Version 2.2, October 2012.
Republished as RFC 8017.
[10] B.A. Forouzan. “Data Communications and Networking”, McGraw Hill
Education India, 5th edition (2020), ISBN- 978-1-25-906475-3, page 743
[11] V. Cerf, Y. Dalal, C. Sunshine. “SPECIFICATION OF INTERNET
TRANSMISSION CONTROL PROGRAM”. IETF RFC 675, (Dec 1974)
[12] Turing Awards <link>
[13] B.A. Forouzan. 2012. “Data Communications and Networking”, McGraw Hill
Education India, 5th edition, ISBN- 978-1-25-906475-3, page 751
[14] Comer D. "Internetworking with TCP/IP Principles, Protocols, and
Architecture", Prentice Hall, Englewood Cliffs, New Jersey, U.S.A., 1988
[15] TCP Definition (Mar 2005), The Linux Information project.
[16] V. Jacoben, R. Braden, D. Borman. “TCP Extension for High Performance”.
IETF RCF 1323, (May 1992),

47
 [17] “Transmission Control Protocol”, DARPA Internet Program, IETF RFC 793,
(Sept 1981)
[18] B.A. Forouzan. “Data Communications and Networking”, McGraw Hill
Education India, 5th edition (2020), ISBN- 978-1-25-906475-3, page 736
[19] B.A. Forouzan. “Data Communications and Networking”, McGraw Hill
Education India, 5th edition (2020), ISBN- 978-1-25-906475-3, page 823
[20] M. Cotton, L. Eggert, J. Touch, M. Westerlund, S. Cheshire. “Internet Assigned
Numbers Authority (IANA) Procedures for the Management of the Service
Name and Transport Protocol Port Number Registry”. IETF RFC 6335. (Aug
2011).
[21] B.A. Forouzan. “Data Communications and Networking”, McGraw Hill
Education India, 5th edition (2020), ISBN- 978-1-25-906475-3, page 824
[22] Venners, Bill (13 January 2003). “The Making of Python”. Artima Developer.
Artima. <link>
[23] Python Documentation <link>
[24] Python Package Index (PyPi), Documentation <link>
[25] Python Documentation <link>
[26] J.F. Kurose, K.W. Ross. “Computer Networking: A top-down approach”.
Pearson India Education Services Pvt Ltd.(2017). Page 215
[27] J. Postel. “User Datagram Protocol” IETF RFC 768, (Aug 1980)
[28] A. Bahga, V. Madisetti. “Internet of Things, A hands-on Approach”. University
Press (2014) ISBN- 978-0996025515, page 39-40
[29] Gerald J. Popek and Robert P. Goldberg. 1974. Formal requirements for
virtualizable third generation architectures. Commun. ACM 17, 7 (July 1974),
412–421.
[30] M. G. Reed, P. F. Syverson and D. M. Goldschlag, "Anonymous connections
and onion routing," in IEEE Journal on Selected Areas in Communications, vol.
16, no. 4, pp. 482-494, May 1998, doi: 10.1109/49.668972.
[31] The TOR Project-LICENSE <link>
[32] T. Jamil, "The Rijndael algorithm," in IEEE Potentials, vol. 23, no. 2, pp. 36-38,
April-May 2004, doi: 10.1109/MP.2004.1289996.<link>
[33] Rudra A., Dubey P.K., Jutla C.S., Kumar V., Rao J.R., Rohatgi P. (2001)
Efficient Rijndael Encryption Implementation with Composite Field Arithmetic.
In: Koç Ç.K., Naccache D., Paar C. (eds) Cryptographic Hardware and
Embedded Systems ISBN: 978-3-540-44709-2
[34] Palanisamy, V. and Mary, A.J., 2011. Hybrid cryptography by the
implementation of RSA and AES. International Journal of Current Research,
33(4), pp.241-244.

48

View publication stats