https://github.com/fabiocolacio/mercury
An end-to-end encrypted chat service.
certificate chat chatroom e2e e2e-encryption mercury mercury-server ssl tcp
- Host: GitHub
- URL: https://github.com/fabiocolacio/mercury
- Owner: fabiocolacio
- License: zlib
- Created: 2018-08-31T01:32:30.000Z (about 6 years ago)
- Default Branch: master
- Last Pushed: 2019-12-22T02:58:55.000Z (almost 5 years ago)
- Last Synced: 2024-06-20T05:22:34.110Z (5 months ago)
- Topics: certificate, chat, chatroom, e2e, e2e-encryption, mercury, mercury-server, ssl, tcp
- Language: Go
- Homepage:
- Size: 178 KB
- Stars: 2
- Watchers: 1
- Forks: 1
- Open Issues: 9
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Mercury Chat
Mercury is my end-to-end encrypted chat protocol.
This repository is currently the home of the server-side code.
The prototype client can currently be found [here](https://github.com/fabiocolacio/quicksilver).

## Protocol
The current protocol is relatively simple.
It was inspired by the *Double Ratchet Algorithm* implemented by Open Whisper Systems for their app *Signal*.

Each time Alice would like to initiate a conversation with a new peer, both must create elliptic-curve Diffie-Hellman parameters and exchange their public parameters.
Every time Alice sends a message to a peer (such as Bob), she creates a shared secret using her private parameters and Bob's public parameters.
She encrypts the message using this shared key, and sends it to Bob.
Each time she sends a message, she also creates new Diffie-Hellman parameters, and sends the public component alongside the message.

No two messages are ever encrypted with the same secret, because each time a message is received, the Diffie-Hellman parameters are updated and the shared-secret changes.
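
The key schedule described above, as an added Go example that is not taken from the Mercury code base: each message key comes from ECDH between the key pairs identified by Sid and Rid, and the sender's new public key travels as Nxt (the message fields listed below). Sequential integer ids, the P-256 curve, SHA-256 as the key-derivation step and the `Peer`, `Send`, `Receive` and `Pair` names are assumptions; encryption of the message fields is left out.

```go
package main

import (
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Peer keeps its own private keys and the other side's public keys, indexed by id.
type Peer struct {
	mine   []*ecdh.PrivateKey
	theirs []*ecdh.PublicKey
}

// Send keys the message with the newest key on each side, then rotates the sender's.
func (p *Peer) Send() (sid, rid int, nxt []byte, key [32]byte) {
	sid, rid = len(p.mine)-1, len(p.theirs)-1
	s, _ := p.mine[sid].ECDH(p.theirs[rid]) // same curve, so this cannot fail
	next, _ := ecdh.P256().GenerateKey(rand.Reader)
	p.mine = append(p.mine, next)
	return sid, rid, next.PublicKey().Bytes(), sha256.Sum256(s) // SHA-256 KDF: assumed
}

// Receive rebuilds the key from the header ids; stale ids or an invalid Nxt are rejected.
func (p *Peer) Receive(sid, rid int, nxt []byte) ([32]byte, error) {
	next, err := ecdh.P256().NewPublicKey(nxt)
	if err != nil || sid < 0 || sid != len(p.theirs)-1 || rid < 0 || rid >= len(p.mine) {
		return [32]byte{}, fmt.Errorf("header rejected: sid=%d rid=%d", sid, rid)
	}
	s, _ := p.mine[rid].ECDH(p.theirs[sid])
	p.theirs = append(p.theirs, next)
	return sha256.Sum256(s), nil
}

// Pair models the initial manual key exchange (generation errors ignored for brevity).
func Pair() (*Peer, *Peer) {
	a, _ := ecdh.P256().GenerateKey(rand.Reader)
	b, _ := ecdh.P256().GenerateKey(rand.Reader)
	return &Peer{[]*ecdh.PrivateKey{a}, []*ecdh.PublicKey{b.PublicKey()}},
		&Peer{[]*ecdh.PrivateKey{b}, []*ecdh.PublicKey{a.PublicKey()}}
}

func main() {
	alice, bob := Pair()
	sid, rid, nxt, k := alice.Send()
	k2, err := bob.Receive(sid, rid, nxt)
	fmt.Println("keys match:", k == k2, "error:", err)
}
```

In this sketch a header is accepted only when Sid names the sender's newest known key, so a replayed header fails the id check instead of yielding a key.
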
This is the structure of a message:
```
Sid: The id of the sender's DH parameters used for this message
Rid: The id of the receiver's DH parameters used for this message
IV: The initialization vector used for AES-CBC encryption of encrypted fields
Nxt: The sender's newly created public DH parameter for use on the next message (encrypted)
Msg: The encrypted message
Key: The encrypted HMAC key
Tag: HMAC integrity tag - HMAC(Nxt || Msg, Decrypted HMAC key)
```

## Future Plans
* Group chat
* Voice/video support
* Blockchain-based trustless keyserver integration (removes need to manually coordinate initial key-exchange)
* Docker image
* Better (mobile?) client

## Installing
After installing golang and MySQL, run the installer with this command:
```
curl https://raw.githubusercontent.com/fabiocolacio/Mercury/master/install.sh -sSf | sh
```

## Configuration
In order to run the server, you must first write a configuration file in the ``toml`` format, specifying the following details:
* HttpAddr
  * The address and port to bind the HTTP server to.
  * HTTP requests are simply redirected to the HTTPS server.
* HttpsPort
  * The address and port to bind the HTTPS server to.
* CertFile
  * The absolute path to your server's certificate.
  * For information about acquiring a certificate, see [the wiki](https://github.com/fabiocolacio/Mercury/wiki/Acquiring-an-SSL-Certificate).
* KeyFile
  * The absolute path to your server's private key.
  * For information about acquiring a key, see [the wiki](https://github.com/fabiocolacio/Mercury/wiki/Acquiring-an-SSL-Certificate).
* LogFile (Optional)
  * The absolute path to a log file to maintain.
  * If this is not set, the server logs to stdout, which can be redirected as you please.
  * The file will be appended to if it already exists.
* SQLUser
  * The user which will perform operations on the SQL database.
* SQLPass
  * The password for SQLUser.
* SQLDb
  * The SQL database that mercury will use for its tables.

You should save your configuration file to ``/usr/local/share/com.github.fabiocolacio.mercury-server/config.toml``.
A sample configuration file, ``sample-server.toml``, can be found in the ``res`` directory.
## Usage
When running mercury for the first time, use the ``--init`` flag.
This will create all necessary tables in the database.
Use this flag with caution!
If the tables already exist, *it will delete and reset them*.

```
mercury --init
```

mercury looks for a configuration file in ``~/.config/mercury/config.toml`` by default.
You may specify another config file with the ``--config`` flag.

```
mercury --config ~/path/to/configuration/file/config.toml
```