Skip to main content

Encrypted IRC

Project description

Cloud-hosted IRC with symmetric authenticated encryption

Version

Description and Features

Privacy is at a premium, and the need for a secure means of communication is greater than ever.

  • Wisper messages use Fernet encryption, which employs 128-bit AES in CBC mode, with CMS padding, and HMAC using SHA256 for authentication.
  • Using Wisper requires a mutual secret key, and messages cannot be decoded without one.
  • Messages remain fully encrypted between end-points.
  • The server operates from an AWS EC2 instance and is available at all times. It is automatically started by an AWS Lambda function which is triggered on application start-up.
  • Messages are serialized with Google protocol buffers, enabling both a smaller packet size and an encrypted sender alias.

System Requirements

Installation

$ pip install wisper

Usage

It is a requirement for all users to possess a mutual secret key. This must be negotiated ahead of time. To generate a new key, type y into the Need a new key? (y/n) prompt at start-up.

To start a chat session:

$ wisper
$ Starting EC2 server instance...
$ Need a new key? (y/n): <selection>
$ Enter secret key: <secret-key>
$ Key accepted
$ Enter alias: <alias>
$ Running server checks...
$ Server started
$ Establishing connection with server...
$ Connected to Wisper server
  • Wisper will send a notification when peers are connected/disconnected.

To end a session:

  • Enter exit() or press ^C

Architecture

Connection:

When the Wisper client is started by the user, an HTTP request is made to an AWS API Gateway endpoint. The request triggers a Lambda function which checks to see if any Wisper server EC2 instances are running. If not, one is spun up. The Lambda function returns the instance’s public IP address, relayed to the client via an HTTP response by the API Gateway. The client collects the secret key and user’s alias, and connects to the server.

https://s3.us-east-2.amazonaws.com/wisper-diagrams/wisper-connection-diagram.png

Communication:

Wisper messages are serialized, encrypted, and sent to all connected clients through the server. All client-to-client communication is encrypted between end-points. All server-to-client messages are sent unencrypted.

https://s3.us-east-2.amazonaws.com/wisper-diagrams/wisper-communication-diagram.png

Shutdown:

The server instance detects when all clients are disconnected. This event triggers an HTTP request to API Gateway, invoking a Lambda function, which shuts down the server, and stops the EC2 instance.

https://s3.us-east-2.amazonaws.com/wisper-diagrams/wisper-shutdown-diagram.png

Contribute

Contribution Guideline can be found here. Please feel free to use, share, and extend this project. PR’s welcome.

Project details


Release history Release notifications

This version

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for wisper, version 1.0.0
Filename, size File type Python version Upload date Hashes
Filename, size wisper-1.0.0-py2-none-any.whl (14.1 kB) File type Wheel Python version py2 Upload date Hashes View hashes
Filename, size wisper-1.0.0.tar.gz (12.5 kB) File type Source Python version None Upload date Hashes View hashes

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page