DEV Community

Cover image for Implementing End to End Encryption in your Cross Platform App
Tapajyoti Bose
Tapajyoti Bose

Posted on • Edited on

Implementing End to End Encryption in your Cross Platform App

This is a two part tutorial series for implementing End to End Encryption. If you haven't read the first part you are suggested read it before continuing. The second part will be focusing on encrypting any message between two users using the shared key generated in the first part.

Quick Recap

In the last blog we got a server up and running to generate the shared key using Diffie Hellman algorithm.

Generating the shared key

We would be using the requests module to fetch the keys. Let's generate the shared keys.

import requests

BASE_URL = "http://127.0.0.1:5000"  # assuming the server is running locally

alice = requests.get(f"{BASE_URL}/generate-keys").json()
alice_private, alice_public = alice["private_key"], alice["public_key"]

bob = requests.get(f"{BASE_URL}/generate-keys").json()
bob_private, bob_public = bob["private_key"], bob["public_key"]

alice_params = {"local_private_key": alice_private, "remote_public_key": bob_public}
bob_params = {"local_private_key": bob_private, "remote_public_key": alice_public}

alice_shared_key = requests.get(
    f"{BASE_URL}/generate-shared-key", params=alice_params
).json()["shared_key"]
bob_shared_key = requests.get(
    f"{BASE_URL}/generate-shared-key", params=bob_params
).json()["shared_key"]

# alice and bob have access to the same shared key
assert alice_shared_key == bob_shared_key
print(alice_shared_key)
Enter fullscreen mode Exit fullscreen mode

Adding the Cipher

Now that we have the shared keys, need a cipher to encode messages using the key. Let's use XOR Cipher for this purpose as it's easy to implement and secure as well.

def xor_encrypt_decrypt(message: str, key_string: str):
    key = list(key_string)
    output = []
    for i in range(len(message)):
        char_code = ord(message[i]) ^ ord(key[i % len(key)][0])
        output.append(chr(char_code))
    return "".join(output)


def encrypt(message: str, key: str):
    return xor_encrypt_decrypt(message, key)


def decrypt(encrypted_message: str, key: str):
    return xor_encrypt_decrypt(encrypted_message, key)
Enter fullscreen mode Exit fullscreen mode

Testing out the End to End Encryption

It always a good practice to test out your code. We can test it out using the following snippet

message = "Random message"
encrypted_message = encrypt(message, alice_shared_key)

print(encrypted_message)

decrypted_message = decrypt(encrypted_message, bob_shared_key)

print(decrypted_message)
Enter fullscreen mode Exit fullscreen mode

Project using this Implementation

Smartsapp

Web-app: https://smartsapp-ba40f.firebaseapp.com

GitHub logo ruppysuppy / SmartsApp

💬📱 An End to End Encrypted Cross Platform messenger app.

Smartsapp

A fully cross-platform messenger app with End to End Encryption (E2EE).

Demo

NOTE: The features shown in the demo is not exhaustive. Only the core features are showcased in the demo.

Platforms Supported

  1. Desktop: Windows, Linux, MacOS
  2. Mobile: Android, iOS
  3. Website: Any device with a browser

Back-end Setup

The back-end of the app is handled by Firebase.

Basic Setup

  1. Go to firebase console and create a new project with the name Smartsapp
  2. Enable Google Analylitics

App Setup

  1. Create an App for the project from the overview page
  2. Copy and paste the configurations in the required location (given in the readme of the respective apps)

Auth Setup

  1. Go to the project Authentication section
  2. Select Sign-in method tab
  3. Enable Email/Password and Google sign in

Firestore Setup

  1. Go to the project Firestore section
  2. Create firestore provisions for the project (choose the server nearest to your location)
  3. Go to the Rules…




Finding personal finance too intimidating? Checkout my Instagram to become a Dollar Ninja

Thanks for reading

Reach out to me on:

Top comments (0)