TorChat icon indicating copy to clipboard operation
TorChat copied to clipboard
verified publisher icon prof7bit

Encrypting the user data

Open ghost opened this issue 13 years ago • 3 comments

Okay, this is going to be a long post.

I wrote a version of TorChat a while ago in Mono and Java, but `things' happened and I stopped both of them. While writing it, I noticed a slight design flaw, in that the user data is left unencrypted. If you're not using a ramdisk or an encrypted volume, the data is easily readable and the hostname/private key is exposed, even if it is deleted.

I am suggesting that:

  1. The user data, e.g. settings, profile data, avatar, buddylist, etc gets encrypted into a file using salted aes256+sha256 (or whatever works)
  2. The private key and the hostname are also encrypted in the same file

When TorChat is opened by the user, it will ask for the password, and if the decryption is successful, it will load the settings from the unencrypted volume. If it fails, it exits or something. I have recently submitted a patch to Tor that will allow you to send the hostname/privatekey to Tor over the control socket, located here.

The encryption could also be optional (and stored in plaintext), if someone prefers to use an encrypted volume, etc.

ghost avatar Jul 21 '12 18:07 ghost

2012/7/21 kevinevans [email protected]:

I have recently submitted a patch to Tor that will allow you to send the hostname/privatekey to Tor over the control socket, located here.

Yes, this is basically what has been missing all the time. Because without it its not really possible to secure the hidden service key while it is running, I have not implemented any attempt to encrypt it at all, trying to avoid a half baked solution. Until this is available in Tor the recommendation for using TorChat is to run it only on computers that are 100% under the user's control and use TrueCrypt to secure the folder while not using it.

You are not the first one criticizing this flaw in TorChat but you are the first one who actually finally started to do the needed work in Tor :-) Other applications could also profit from it in the future.

prof7bit avatar Jul 22 '12 02:07 prof7bit

Alright, so just hope it gets implemented in the next unstable release?

ghost avatar Jul 22 '12 06:07 ghost

On , kevinevans
[email protected]
wrote:

Alright, so just hope it gets implemented in the next unstable release?

I cannot speak for Tor (because I am not a member of the Tor project) but
once this is available in Tor I will try to make use of it in TorChat.

prof7bit avatar Jul 22 '12 09:07 prof7bit