thesis?

Hlo sir if your project is over then u can share ?

He should show us his back just in case

Only the public key is sent. To decode it you need the private key. In a full solution the two sides exchange public keys and then use the other sides public key to send, and their own private key to decode the received messages. In a MITM attack the attacker could replace the public keys and then decode each message with their own private key and then reencode the message with original public key but this can be detected by including a copy of the public key, or something derived from it, in an encoded message so that the key the receiver is using is different to this new copy since the attacker had to replace the original. Look into Diffie Hellman key exchange.

@@steves9250 I just got done with a 3 week course for Sec+ course the Army put me through. You're giving me flashbacks! 😝

@@steves9250 The MITM on needs enough packets to break the encryption.

use https socks 5 and ssl port 443 add AES encryption with a SHA 256 hash 128b as your keys, To further add security create a firewall which controls incoming and outgoing traffic, make sure you get your logs game tight This should ensure End to End encryption in the manner you are seeking

here is an example of how you can start off: import socket import threading import rsa from Crypto.Cipher import AES from Crypto.Random import get_random_bytes import ssl public_key, private_key = rsa.newkeys(1024) public_partner = None aes_key = get_random_bytes(16) choice = input('Do you want to host (1) or join a chat (2)? ') IP = input('Enter the IP of the server: ') PORT = int(input('Enter the port of the server: ')) context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH) context.load_cert_chain(certfile='path/to/certfile', keyfile='path/to/keyfile') if choice == '1': server = socket.socket(socket.AF_INET, socket.SOCK_STREAM) server.bind((IP, PORT)) server.listen() client, _ = server.accept() client = context.wrap_socket(client, server_side=True) client.send(public_key.save_pkcs1('PEM')) public_partner = rsa.PublicKey.load_pkcs1(client.recv(1024), 'PEM') encrypted_aes_key = rsa.encrypt(aes_key, public_partner) client.send(encrypted_aes_key) elif choice == '2': client = socket.socket(socket.AF_INET, socket.SOCK_STREAM) client = context.wrap_socket(client) client.connect((IP,PORT)) public_partner = rsa.PublicKey.load_pkcs1(client.recv(1024), 'PEM') encrypted_aes_key = client.recv(1024) aes_key = rsa.decrypt(encrypted_aes_key, private_key) client.send(public_key.save_pkcs1('PEM')) else: exit() def sending_messages(c): while True: message = input('') cipher = AES.new(aes_key, AES.MODE_EAX) ciphertext, tag = cipher.encrypt_and_digest(message.encode()) c.send(ciphertext + tag) print('You: ' + message) def receiving_messages(c): while True: ciphertext = c.recv(1024) cipher = AES.new(aes_key, AES.MODE_EAX, nonce=ciphertext[:16]) message = cipher.decrypt_and_verify(ciphertext[16:-16], ciphertext[-16:]) print('User:' + message.decode()) threading.Thread(target=sending_messages, args=(client,)).start() threading.Thread(target=receiving_messages, args=(client,)).start()

RSA is widely used and its considered more safe as compared to others

There are 4 keys total in this example. The server has a public and private key and so does the client. All the scripts do is connect to each other and exchange public keys before sending and receiving messages. Each instance only has their respective public and private keys until they connect to each other and store the other's public key.

I am a bit late but you can increase the number of bits from 1024 to some big numbers to handle large messages

@@abdullahmalik3818 Awesome, I will give it a try. Thanks!

You can't use public keys to decrypt messages, only to encrypt them. The Diffie-Hellman method doesn't protect against man in the middle attacks. You would need to add another layer of security to verify the users' identities.