README.md 10.1 KB
Newer Older
Marios CHOUDARY (76978)'s avatar
Marios CHOUDARY (76978) committed
1
2
# End-to-end encryption with SMKEX

Marios CHOUDARY (76978)'s avatar
Marios CHOUDARY (76978) committed
3
Welcome to the gitlab page for the end2end-smkex project.
Marios CHOUDARY (76978)'s avatar
Marios CHOUDARY (76978) committed
4
5
6
7
This project is about enabling real end-to-end encryption through the use of SMKEX.

This project is a collaboration between
[University Politehnica of Bucharest](https://upb.ro/)
Marius Scarlat's avatar
Marius Scarlat committed
8
and [Certsign](https://www.certsign.ro/)
Marios CHOUDARY (76978)'s avatar
Marios CHOUDARY (76978) committed
9
10
and is funded by [UEFISCDI](https://uefiscdi.gov.ro/)
under the grant scheme
11
12
13
14
15
16
17
18
19
20
[Experimental Demonstrative Project](https://uefiscdi.gov.ro/proiect-experimental-demonstrativ-ped):
 - Contract number: 285PED
 - Project title: Increasing the security of mobile communications through multichannel key exchange
 - Project coordinator: University Politehnica Bucharest
 - Principal Investigator: Dr. Marios O. choudary
 - Total public budget: 599812 RON
 - Partners: Certsign SA Romania
 - Main project objectives: The integration of the SMKEX secure key exchange protocol, developed within the University Politehnica of Bucharest recently, within the mobile application Trust4Mobile developed by the company CertSIGN.
 - Project duration: 24 months (August 2020 - August 2022)
 - Main contact: Dr. Marios O. Choudary (marios.choudary@upb.ro)
Marios CHOUDARY (76978)'s avatar
Marios CHOUDARY (76978) committed
21

22
The execution of the project was done in three stages:
Marios CHOUDARY (76978)'s avatar
Marios CHOUDARY (76978) committed
23
24
25
26
27
28
29

 - Stage 1 (2020): Design of the architecture combining SMKEX with SIP/RTP.
In this stage we designed the overall architecture of our end-to-end
encryption system, integrating the SMKEX protocol with the standard
SIP/RTP architecture used in many VoIP systems. Furthermore, we also
adapted the SMKEX protocol to suit the peer-to-peer usecase necessary for
mobile communications.
30

Marios CHOUDARY (76978)'s avatar
Marios CHOUDARY (76978) committed
31
32
33
34
35
36
37
38
39
40
41
42
43
44
 - Stage 2 (2021): Implement a mobile client application that combines SMKEX with
SIP/RTP for secure communications.
In this stage we have worked first on a linux client implemented in C++,
based on the open-source [PJSIP](https://www.pjsip.org/) library. We modified
this library to allow for SMKEX to provide the encryption key for the messaging
and voice/video services running on SIP/RTP.
We also used the [LibWebSockets](https://libwebsockets.org/) library to enable
the communication between our mobile clients and our SMKEX servers.
This Linux client can be used from command line to test our solution, both with
messages and voice.
The last part of this stage was the implementation of the Android application,
which combines C++ code (the basic PJSIP/SMKEX workflow) with JNI and KOTLIN code
for integration with Android. This results in a mobile application that provides
improved security for peer-to-peer communications.
45

Marios CHOUDARY (76978)'s avatar
Marios CHOUDARY (76978) committed
46
The code for both Linux and Android clients is available on this repository.
47

48
49
50
51
Below is an image showing the architecture of the Android client:
![Android SMKEX Architecture](img/smkex_android.png "Android E2E-SMKEX Architecture")


52
53
54
55
56
57
 - Stage 3 (2022): integration of our solution within the Trust4Mobile
 application of CertSign. The integration was done by adding some of the sources from
 the E2E-SMKEX Android application in the backend components of Trust4Mobile, followed
 by some adjustments needed for the normal operation of the application.
 Furthermore, the frontend component of the application was also modified by adding in the
 graphical interface a new option for using the SMKEX protocol after user registration.
Marios CHOUDARY (76978)'s avatar
Marios CHOUDARY (76978) committed
58

59
60
61
62
 Below there are two images showing the Android Trust4Mobile client integrating SMKEX:
![Android Trust4Mobile-SMKEX Integration 1](img/smkex_t4m_p1.png "Android Trust4Mobile-SMKEX integration 1")
![Android Trust4Mobile-SMKEX Integration 1](img/smkex_t4m_p2.png "Android Trust4Mobile-SMKEX integration 2")

Marios CHOUDARY (76978)'s avatar
Marios CHOUDARY (76978) committed
63
## What's end-to-end encryption
Marios CHOUDARY (76978)'s avatar
Marios CHOUDARY (76978) committed
64
65

By end-to-end encryption we refer to the applications/protocols that
66
enable secure communication between two end users, without a third party being
Marios CHOUDARY (76978)'s avatar
Marios CHOUDARY (76978) committed
67
able to listen to communication. A popular system that tries to provide
68
69
70
end-to-end encryption is Whatsapp, which in turn is based on the Signal protocol.
Other popular VoIP and messaging systems now also provide end-to-end encryption,
e.g. Telegram, Zoom, MS Teams, Skype.
Marios CHOUDARY (76978)'s avatar
Marios CHOUDARY (76978) committed
71
72
73

## What are the problems with existing end-to-end encryption apps ?

74
75
Although there are already several applications that offer end-to-end encryption,
such as Whatsapp, Telegram, etc., they currently rely on a central server to
Marios CHOUDARY (76978)'s avatar
Marios CHOUDARY (76978) committed
76
77
intermediate the communication between users, which means that this server
could tamper with the communication between users.
78
Furthermore, these applications rely on users to manually check that
Marios CHOUDARY (76978)'s avatar
Marios CHOUDARY (76978) committed
79
80
the server did not change their encryption keys. 

Marios CHOUDARY (76978)'s avatar
Marios CHOUDARY (76978) committed
81
## How does end2end-smkex help ?
Marios CHOUDARY (76978)'s avatar
Marios CHOUDARY (76978) committed
82
83
84
85
86
87
88
89
90
91
92

We use the [SMKEX](https://dl.acm.org/doi/abs/10.1145/3243734.3243791) protocol
to make it difficult for a particular entity to break the security of
the communication. SMKEX has been audited by the security community
and published at one of the top security conferences (ACM CCS). 

The main idea behind SMKEX is that we use two different communication channels
with two different servers between communicating parties to perform an
authenticated key exchange. As long as these two channels are disjoint
(i.e. they are not controlled by the same authority), e.g. two different mobile
carriers, performing a man-in-the-middle attack to break the security of the
93
94
95
96
connection becomes very difficult. Furthermore, the key verification is done
automatically by the protocol, without any user intervation.

The main protocol is shown in the figure below
Marios CHOUDARY (76978)'s avatar
Marios CHOUDARY (76978) committed
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
(generated with [Mermaid](https://mermaid-js.github.io/)):

```mermaid
graph LR
A[Client 1] --- B(Server A)
A --- C(Server B)
B --- D(Client 2)
C --- D
```

![Figure](https://mermaid.ink/img/eyJjb2RlIjoiZ3JhcGggTFJcbkFbQ2xpZW50IDFdIC0tLSBCKFNlcnZlciBBKVxuQSAtLS0gQyhTZXJ2ZXIgQilcbkIgLS0tIEQoQ2xpZW50IDIpXG5DIC0tLSBEIiwibWVybWFpZCI6eyJ0aGVtZSI6ImRlZmF1bHQiLCJ0aGVtZVZhcmlhYmxlcyI6eyJiYWNrZ3JvdW5kIjoid2hpdGUiLCJwcmltYXJ5Q29sb3IiOiIjRUNFQ0ZGIiwic2Vjb25kYXJ5Q29sb3IiOiIjZmZmZmRlIiwidGVydGlhcnlDb2xvciI6ImhzbCg4MCwgMTAwJSwgOTYuMjc0NTA5ODAzOSUpIiwicHJpbWFyeUJvcmRlckNvbG9yIjoiaHNsKDI0MCwgNjAlLCA4Ni4yNzQ1MDk4MDM5JSkiLCJzZWNvbmRhcnlCb3JkZXJDb2xvciI6ImhzbCg2MCwgNjAlLCA4My41Mjk0MTE3NjQ3JSkiLCJ0ZXJ0aWFyeUJvcmRlckNvbG9yIjoiaHNsKDgwLCA2MCUsIDg2LjI3NDUwOTgwMzklKSIsInByaW1hcnlUZXh0Q29sb3IiOiIjMTMxMzAwIiwic2Vjb25kYXJ5VGV4dENvbG9yIjoiIzAwMDAyMSIsInRlcnRpYXJ5VGV4dENvbG9yIjoicmdiKDkuNTAwMDAwMDAwMSwgOS41MDAwMDAwMDAxLCA5LjUwMDAwMDAwMDEpIiwibGluZUNvbG9yIjoiIzMzMzMzMyIsInRleHRDb2xvciI6IiMzMzMiLCJtYWluQmtnIjoiI0VDRUNGRiIsInNlY29uZEJrZyI6IiNmZmZmZGUiLCJib3JkZXIxIjoiIzkzNzBEQiIsImJvcmRlcjIiOiIjYWFhYTMzIiwiYXJyb3doZWFkQ29sb3IiOiIjMzMzMzMzIiwiZm9udEZhbWlseSI6IlwidHJlYnVjaGV0IG1zXCIsIHZlcmRhbmEsIGFyaWFsIiwiZm9udFNpemUiOiIxNnB4IiwibGFiZWxCYWNrZ3JvdW5kIjoiI2U4ZThlOCIsIm5vZGVCa2ciOiIjRUNFQ0ZGIiwibm9kZUJvcmRlciI6IiM5MzcwREIiLCJjbHVzdGVyQmtnIjoiI2ZmZmZkZSIsImNsdXN0ZXJCb3JkZXIiOiIjYWFhYTMzIiwiZGVmYXVsdExpbmtDb2xvciI6IiMzMzMzMzMiLCJ0aXRsZUNvbG9yIjoiIzMzMyIsImVkZ2VMYWJlbEJhY2tncm91bmQiOiIjZThlOGU4IiwiYWN0b3JCb3JkZXIiOiJoc2woMjU5LjYyNjE2ODIyNDMsIDU5Ljc3NjUzNjMxMjglLCA4Ny45MDE5NjA3ODQzJSkiLCJhY3RvckJrZyI6IiNFQ0VDRkYiLCJhY3RvclRleHRDb2xvciI6ImJsYWNrIiwiYWN0b3JMaW5lQ29sb3IiOiJncmV5Iiwic2lnbmFsQ29sb3IiOiIjMzMzIiwic2lnbmFsVGV4dENvbG9yIjoiIzMzMyIsImxhYmVsQm94QmtnQ29sb3IiOiIjRUNFQ0ZGIiwibGFiZWxCb3hCb3JkZXJDb2xvciI6ImhzbCgyNTkuNjI2MTY4MjI0MywgNTkuNzc2NTM2MzEyOCUsIDg3LjkwMTk2MDc4NDMlKSIsImxhYmVsVGV4dENvbG9yIjoiYmxhY2siLCJsb29wVGV4dENvbG9yIjoiYmxhY2siLCJub3RlQm9yZGVyQ29sb3IiOiIjYWFhYTMzIiwibm90ZUJrZ0NvbG9yIjoiI2ZmZjVhZCIsIm5vdGVUZXh0Q29sb3IiOiJibGFjayIsImFjdGl2YXRpb25Cb3JkZXJDb2xvciI6IiM2NjYiLCJhY3RpdmF0aW9uQmtnQ29sb3IiOiIjZjRmNGY0Iiwic2VxdWVuY2VOdW1iZXJDb2xvciI6IndoaXRlIiwic2VjdGlvbkJrZ0NvbG9yIjoicmdiYSgxMDIsIDEwMiwgMjU1LCAwLjQ5KSIsImFsdFNlY3Rpb25Ca2dDb2xvciI6IndoaXRlIiwic2VjdGlvbkJrZ0NvbG9yMiI6IiNmZmY0MDAiLCJ0YXNrQm9yZGVyQ29sb3IiOiIjNTM0ZmJjIiwidGFza0JrZ0NvbG9yIjoiIzhhOTBkZCIsInRhc2tUZXh0TGlnaHRDb2xvciI6IndoaXRlIiwidGFza1RleHRDb2xvciI6IndoaXRlIiwidGFza1RleHREYXJrQ29sb3IiOiJibGFjayIsInRhc2tUZXh0T3V0c2lkZUNvbG9yIjoiYmxhY2siLCJ0YXNrVGV4dENsaWNrYWJsZUNvbG9yIjoiIzAwMzE2MyIsImFjdGl2ZVRhc2tCb3JkZXJDb2xvciI6IiM1MzRmYmMiLCJhY3RpdmVUYXNrQmtnQ29sb3IiOiIjYmZjN2ZmIiwiZ3JpZENvbG9yIjoibGlnaHRncmV5IiwiZG9uZVRhc2tCa2dDb2xvciI6ImxpZ2h0Z3JleSIsImRvbmVUYXNrQm9yZGVyQ29sb3IiOiJncmV5IiwiY3JpdEJvcmRlckNvbG9yIjoiI2ZmODg4OCIsImNyaXRCa2dDb2xvciI6InJlZCIsInRvZGF5TGluZUNvbG9yIjoicmVkIiwibGFiZWxDb2xvciI6ImJsYWNrIiwiZXJyb3JCa2dDb2xvciI6IiM1NTIyMjIiLCJlcnJvclRleHRDb2xvciI6IiM1NTIyMjIiLCJjbGFzc1RleHQiOiIjMTMxMzAwIiwiZmlsbFR5cGUwIjoiI0VDRUNGRiIsImZpbGxUeXBlMSI6IiNmZmZmZGUiLCJmaWxsVHlwZTIiOiJoc2woMzA0LCAxMDAlLCA5Ni4yNzQ1MDk4MDM5JSkiLCJmaWxsVHlwZTMiOiJoc2woMTI0LCAxMDAlLCA5My41Mjk0MTE3NjQ3JSkiLCJmaWxsVHlwZTQiOiJoc2woMTc2LCAxMDAlLCA5Ni4yNzQ1MDk4MDM5JSkiLCJmaWxsVHlwZTUiOiJoc2woLTQsIDEwMCUsIDkzLjUyOTQxMTc2NDclKSIsImZpbGxUeXBlNiI6ImhzbCg4LCAxMDAlLCA5Ni4yNzQ1MDk4MDM5JSkiLCJmaWxsVHlwZTciOiJoc2woMTg4LCAxMDAlLCA5My41Mjk0MTE3NjQ3JSkifX19)



The connection between the two clients is secured by SMKEX and can only be
compromised if servers A and B co-operate in real-time.
To avoid such co-operation , we can ensure that servers A and B are separated
by a large geographic area and then rely on Alibi routing to prove that there
is man-in-the-middle in the communication.

## So which is best ?

We take the good design ideas from existing end-to-end encryption mechansism,
120
but on top we use the SMKEX protocol to improve end-to-end security, that is
Marios CHOUDARY (76978)'s avatar
Marios CHOUDARY (76978) committed
121
122
123
124
to protect users against a server that wants to intercept communication. This
way, the users do not need to manually verify their keys (which in many cases
can be impossible or very difficult) to ensure that they have a secure channel.

Marios CHOUDARY (76978)'s avatar
Marios CHOUDARY (76978) committed
125
## Can I use end2end-smkex ?
Marios CHOUDARY (76978)'s avatar
Marios CHOUDARY (76978) committed
126

127
128
Yes, the code is now available here. Check out the master branch, follow the instructions on how to compile and run.

Marios CHOUDARY (76978)'s avatar
Marios CHOUDARY (76978) committed
129
We have two implementations available: a linux command-line based application and an Android application with a simple GUI for sending messages and making voice calls. Please check the README in the linux client (folder MultiPathVoIPLite) and Android client (folder android-client) for details.
130
131
132
133
134
135

## Documentation

We have written a paper with all our work, detailing the architecture of the system, the security properties
as well as the linux and Android implementations. You can find the paper within the "publications/" fonder in the main repo:
https://gitlab.cs.pub.ro/marios.choudary/end2end-smkex/-/blob/master/publications/e2esmkex.pdf