Encrypted Messaging

Hey Peeps,

I'm currently coding a website and I need beta testers.

It allows you to leave an anonymous, encrypted message utilizing Playfair encryption.

You enter an anonymous username, a message, and choose the "key" you'd like to use.

The only person that can read your message is the "key" holder.

Feel free to view the source and look at the code. It is a Secure SSL protected site.

Any pointers or code critique appreciated.

It's very utilitarian for now. Formatting will come later.

Here's the site: CypherAge Encrypted Messaging

Thanks!!!

PS - feel free to respond with your "key" if you'd like to share your message.

a reply to: MykeNukem

I left a message using the name Kwaka, the key is: password

originally posted by: kwaka
a reply to: MykeNukem

I left a message using the name Kwaka, the key is: password

IULIANASSANGEWASSETFREETODAY



PS - I left a message with a password of: abovetopsecret
PSS - I'm noticing a glitch with the alphabet and the refreshing of the page, as well. Using "I" for "J" for some reason....oops...lol

If I want to leave you a message, it is easier to just leave it on here. Some people might desire to encrypt a message but if I wanted that privacy, I would just call that person on the telephone.. I don't get into the texting crap either, it often takes two minutes to call someone, where it takes five to six texts to get the message across and with all the responses and questions it can take hours to finally get things straightened out instead of three minutes. I have no patients with the new way of communication people are using. Plus, if you call, they may say...hey come over for a bbq tonight or lets go out for a fish fry or a social event to meet them at.

Here are a couple I've tried . . .

dead-drop.me

www.disposablechat.com

a reply to: rickymouse

I think its meant more as a public service than to act as a proper forum. You know...just in case you need a burner phone you don't even have to walk into a store and buy lol!

originally posted by: RickyD
a reply to: rickymouse

I think its meant more as a public service than to act as a proper forum. You know...just in case you need a burner phone you don't even have to walk into a store and buy lol!

That's kind of it.

Easy peasy encrypto squeezy...on the fly, anytime, anywhere..

It's at the very early stages, like, one day of playing around so far..

I can see multiple possible uses, not all of them nefarious

originally posted by: TheMichiganSwampBuck
Here are a couple I've tried . . .

dead-drop.me

www.disposablechat.com

Both of those sites are very close to the concept I'm going for, but I'd like to make this more secure than either of those.

dead-drop.me requires that you email the person a URL and password. That's not secure.

disposable chat doesn't use any encryption and your last 100 chats are stored as plain-text on the server.

I'm going for high security that would require at least some effort to crack.

Those are cool sites though, definitely have their uses.

a reply to: MykeNukem

There is very little that's truly secure when you think of it, one time pads can work but at the end of the day you still will have a link between people and statistics can find links between people and then they can do physical things like mini cameras to watch one side of the conversation.

Ok, never used anything like this.

So, the deciphered message shows up at the top?

You can give numerous people the key, there is no limit to how many can open it?

So you have to dig to find the message left by the person your looking for, (If there are a lot of messages), can you search anywhere?

Would suck to have to scroll through 100 messages to find the one your looking for.

a reply to: MykeNukem

I applaud your efforts for secure communications



But word on the street is NOTHING is secure anymore as Sam Altman has a AI model than can crack block chain strings and all those lost bitcoins that people had on lost hard drives were being cashed in ?

a reply to: MykeNukem

Well, this will get ya' on a list. LOL!

But I presume you already knew this.

a reply to: stonerwilliam

There are some forms of comms which are absolutely unbreakable. Not even the biggest, baddest, super-computer running AI on steroids can crack, and never will. It's not easy to use though. Just don't get caught using it unless you want a long-term carnal relationship with a 7.5lb microscope and some guy named Agent Smith.

originally posted by: chiefsmom
Ok, never used anything like this.

So, the deciphered message shows up at the top?

You can give numerous people the key, there is no limit to how many can open it?

So you have to dig to find the message left by the person your looking for, (If there are a lot of messages), can you search anywhere?

Would suck to have to scroll through 100 messages to find the one your looking for.

No limits.

Yep, deciphered shows up at the top too.

You could use ctrl+f to search for the user or date.

This is basically a proof of concept for now, there will be functionality added later.

It can be bruteforced

Also for the lulz wanted to add this youtu.be...

originally posted by: whereisdagan
It can be bruteforced

Of course it can, anything can, given enough time (billions of years), but, it isn't computationally feasible at this time.

The site is currently using AES 256 on the already Playfair encrypted text.

Also, eavesdropping is useless because I made sure comms between the client/server are encrypted as well.

Could it be beaten? Of course, but it would be more likely that another mistake was made with someone being careless and leaving a key laying around than beating the encryption (which would take billions of years with our current or foreseeable hardware).

I was hinting you should limit the number of attempts made.

Also you just changed the encryption. It wasn't aes-256 earlier.

My next question is: Do you have access to the IV's used? Surely you do. Also, do you mind if I "play" with it for awhile using my tools? Not the encryption but the mechanics of it all?