DESIGN OF A SECURE ANDROID CHATTING APPLICATION USING END TO END ENCRYPTION

Smart phones have become an essential part in the life. The most prominent uses are in chatting and conversation applications. Large number of these applications claim that they are providing security, confidentiality and integrity of user’s information. The security and privacy-preserving features of different mobile applications have gone under the spot-light. Yet there are very few mobile chat applications that give an End-to-End security and privacy-preserving service to their clients. In this paper, a secure chatting application with end-to-end encryption for smart phones, that used the android OS, have been proposed. This is achieved by the use of public key cryptography techniques. The proposed application used the ECDH algorithm to generate the key pair and exchanged to produce the shared key that will be used for the encryption of data by symmetric algorithms. The proposed application allows the users to communicate via text messages, voice messages, as well as exchange photos. For the text message security, the standard AES algorithm with a 128 bit key are used. The generated key (160 bit) is minimized to 128 bit length in order to be used by the AES algorithm. For the voice and image security processes the proposed application used the symmetric algorithm RC4. RC4 provides less security than AES but it performs faster and this is required for such types and sizes of data. The idea behind the RC4 attack is the biases in RC4 key streams. Thus, a new shift function is introduced that eliminated the biases as showed in the results, which guarantees the RC4 algorithm with the modification it can be considered secure.