
I'm creating an end-to-end encrypted IM for Android, using PHP and GCM as the middle man to deliver the messages.

I've got the IM part nailed down, but now I'm looking to implement an end-to-end encryption on all messages.

My IM is text-only and has a maximum payload of 4kb (the max GCM supports).

What's the best way to implement this on Android? AES + RSA?

Is there any default library for implementing this in a secure and easy way?

  • GCM supports a max of 4KiB? Why? Commented Sep 5, 2014 at 10:34
  • @owlstead developer.android.com/google/gcm/index.html "...or it could be a message containing up to 4kb of payload data (so apps like instant messaging can consume the message directly)."
    – DarkW
    Commented Sep 5, 2014 at 10:42
  • Ha :) GCM is also a mode of operation for AES, which could be useful for this kind of protocol. Commented Sep 5, 2014 at 10:45

1 Answer


It is hard to say what is best, the solution also depends on how secure you want this to be.

  1. Fixed RSA keypair - you could generate an RSA keypair and use it to encrypt the traffic. This, however, will not protect the conversation from someone who decompiles your APK file and extracts the RSA keys - though you can try to make this hard by obfuscating your code and hiding the key by XORing it or using reflection to access it in your application. There are some relevant suggestions here and questions/answers about implementation here.
  2. Dynamic encryption keys with SSL - the encryption keys to use are negotiated for each client separately, on the fly. For this the clients need to trust the server (i.e. be sure that they are really talking to your server, not someone else's). This is very much like SSL, where the server proves its identity by providing a certificate signed by a third party. If using SSL is an option, there is an answer for using self-signed certificates here.
  3. Dynamic encryption keys customized - you could set up your own security scheme, but then you'll have to make it bulletproof yourself.
  • I'll probably go with something along the lines of the dynamic RSA keys, that each user generates a keypair, sends the public key to the php server which stores it along with its username, when a client wants to start a convo with that username it retrieves the public key of that person, generates an AES key and sends it to that person... something like that
    – DarkW
    Commented Sep 5, 2014 at 10:48
  • This sounds pretty good, though in this case the server (you) won't be able to see the conversation, because only the recipient user can decrypt it.
    – sfThomas
    Commented Sep 5, 2014 at 12:42
  • I'm not interested in seeing the conversation, I'm not even saving any conversations. This is meant to be a safe form of communication between 2 people
    – DarkW
    Commented Sep 5, 2014 at 15:24
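As an added example (not code from the question, the answer, or any library) here is the hybrid scheme DarkW sketches in the comments, written against the standard javax.crypto API that Android ships: a fresh AES-256-GCM key per message, wrapped with the recipient's RSA public key using OAEP, with the 4 KiB push payload budget checked before sending. The class name, wire format and the recipient keypair generated in main are my own assumptions.

```java
import java.nio.ByteBuffer;
import java.security.*;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
public class HybridMessage {
    private static final int IV_BYTES = 12, TAG_BITS = 128, PAYLOAD_LIMIT = 4096; // 4 KiB cap from the question
    private static final String RSA_OAEP = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    // Sender: fresh AES-256 key per message, RSA-OAEP-wrapped for the recipient.
    // Wire format: [2-byte wrapped-key length][wrapped key][12-byte IV][ciphertext || GCM tag]
    public static byte[] seal(PublicKey recipientPub, byte[] plaintext) throws GeneralSecurityException {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey aesKey = kg.generateKey();
        Cipher rsa = Cipher.getInstance(RSA_OAEP);
        rsa.init(Cipher.WRAP_MODE, recipientPub);
        byte[] wrapped = rsa.wrap(aesKey);
        byte[] iv = new byte[IV_BYTES];
        new SecureRandom().nextBytes(iv);            // random IV; never reuse one under the same key
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, aesKey, new GCMParameterSpec(TAG_BITS, iv));
        byte[] ct = aes.doFinal(plaintext);          // ciphertext with the 16-byte GCM tag appended
        int total = 2 + wrapped.length + iv.length + ct.length;
        if (total > PAYLOAD_LIMIT) throw new IllegalArgumentException("exceeds 4 KiB push payload");
        return ByteBuffer.allocate(total).putShort((short) wrapped.length).put(wrapped).put(iv).put(ct).array();
    }
    // Recipient: unwrap the AES key, then decrypt; any change to IV, ciphertext or tag makes doFinal throw AEADBadTagException.
    public static byte[] open(PrivateKey recipientPriv, byte[] wire) throws GeneralSecurityException {
        ByteBuffer in = ByteBuffer.wrap(wire);
        byte[] wrapped = new byte[in.getShort() & 0xFFFF];
        byte[] iv = new byte[IV_BYTES];
        byte[] ct = new byte[in.remaining() - wrapped.length - IV_BYTES];
        in.get(wrapped).get(iv).get(ct);
        Cipher rsa = Cipher.getInstance(RSA_OAEP);
        rsa.init(Cipher.UNWRAP_MODE, recipientPriv);
        SecretKey aesKey = (SecretKey) rsa.unwrap(wrapped, "AES", Cipher.SECRET_KEY);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.DECRYPT_MODE, aesKey, new GCMParameterSpec(TAG_BITS, iv));
        return aes.doFinal(ct);
    }
    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair bob = kpg.generateKeyPair();   // constructed: the recipient's keypair, normally generated on-device
        byte[] wire = seal(bob.getPublic(), "hello bob".getBytes("UTF-8"));
        System.out.println(new String(open(bob.getPrivate(), wire), "UTF-8"));
    }
}
```

Whoever runs the public-key directory (the PHP server here) could hand out a substitute public key, so clients still need to compare key fingerprints out of band before this is truly end-to-end. Some providers pair the named OAEP transformation with SHA-1 for MGF1, so pin an explicit OAEPParameterSpec on both sides when sender and recipient may run different crypto providers.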
