Design of A Secure Chat Application Based On AES C

This document describes the design of a secure chat application based on AES encryption and key management. It uses symmetric encryption with each user having their own private key to encrypt messages. When a user sends a message, their private key encrypts it. When another user receives the message, they decrypt it using the sender's private key. The application includes a password management system to securely store and retrieve users' private keys to facilitate encrypted communication between authenticated users.

See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/234793505

Design of a secure chat application based on AES cryptographic algorithm and key management

Article · January 2008


All content following this page was uploaded by Nikolaos G. Bardis on 30 May 2014.



MATHEMATICAL METHODS, COMPUTATIONAL TECHNIQUES, NON-LINEAR SYSTEMS, INTELLIGENT SYSTEMS

Design of a Secure Chat Application based on AES Cryptographic Algorithm and Key Management

NIKOLAOS G. BARDIS
Adjunct Professor, University of Military Education
(1) Hellenic Army Academy, (2) Hellenic Naval Academy, (3) Hellenic Air Force Academy
Department of Computer Sciences
(1) Vari - 16673, (2) Terma Hadjikyriakou Avenue, Piraeus - 18539, (3) Dekelia Air Base, Tatoi, Metamorfosi 144 51, Greece

KONSTANTINOS NTAIKOS
Second Lieutenant, Air Defence Officer, University of Military Education
Hellenic Air Force Academy, Department of Computer Sciences
Dekelia Air Base, Tatoi, Metamorfosi 144 51, Greece

Abstract: - This article presents the design and implementation of a software application for the provision of
secure real time communication services between workstations, based on the AES prototype cryptographic
algorithm and an advanced secret key management system. The application has been designed based on the
requirements of a military unit, so as to allow groups of authenticated users to communicate and read the
transmitted messages. This application can be used as the basis for the design of an integrated communication
system for a military organization. The present design confines its operation within the limits of a local area
network, but the possibilities are open for operation in extended networks or the internet. In this article, a
concise account of the design of the application is first presented. The way in which a symmetric encryption
system uses a pair of secret keys to provide additional capabilities is hence presented. Consequently, the
operation of a password management system is presented that achieves secure storage and handling of user
secret passwords and access control data. Finally, the application implementation details are presented for a
Visual Basic 6 implementation developed for a military unit.

Key-Words: - Secure messaging, AES, encryption, key management

1 Introduction

One of the most important factors that determine the efficiency and effectiveness of operation of a contemporary military or commercial organisation is its capability to securely store, retrieve and communicate information between authenticated users [2]. Information security is a primary goal for the armed forces and achieving information security may provide the required leading edge for an army. Consequently, information systems are continuously developed that aim at providing safe data storage and communication between working units of the organisation involved. The development and expansion of the Internet have established it as one of the most important communications channels both at the level of large scale organisations (banks, multinational companies etc.) and at the level of simple users.

The purpose of this work is to design and develop a software application that provides secure real time communication based on symmetric cryptographic algorithms and a management system for handling, distributing, safely storing and retrieving user passwords. The ultimate aim of the application is to provide the infrastructure that will allow groups of authenticated users to read messages that they exchange in pairs.

2 Operation of the symmetric encrypted communication system

The basic operation principle for a system of symmetric cryptographic communication is the use of a shared secret key that is used for both encryption and decryption. The secret key is the most important component of the encryption system, as it is the principal means that transforms clear messages to ciphertexts. The disclosure of the key to malicious users jeopardises the essence of communication. For a group of users of a symmetric cryptography system, the method of a shared secret key is widely used. With this method, if a malicious user were to join forces with enemy cryptanalysts, they would only be capable of disclosing their own

ISSN: 1790-2769 486 ISBN: 978-960-474-012-3



secret keys and hence disclose all communication in which they took part. This way, in a group of authenticated users such as the users in a military environment, the use of a shared key for all users entails problems since any disclosure of the key would annihilate security for all communications. For this reason, instead of using a single key for everyone, a protocol can be designed for which every user is issued a secret key which they distribute via safe communications channels or via personal contact to all the users with whom they are interested in communicating securely. The application presented in this article is developed based on the above protocol. More specifically, a user of the application is assigned a personal key (of their own choice or automatically generated) that they disclose to certified users of the same application that have access to the common network. On the other side, the same user receives the corresponding secret keys from all these users. The above protocol gives the possibility for duplex encrypted communication between users. The application uses the secret key of its owner for sending data to the network and the secret keys of other users for decrypting messages it has received from them.

The operation of the encrypted communication scheme is illustrated in Figure 1 below. The symbol (1, 5) P_A denotes the plain text message originating from user Alice, the symbol (2, 4) K_A the personal key of user Alice, the symbol (3) C_A the ciphertext corresponding to Alice's message, the symbol (7, 9) K_P the personal key of user Peter, the symbol (6, 10) P_P the plain text message originating from Peter and the symbol (9) C_P the ciphertext corresponding to Peter's message.

Figure 1: Schematic operation of the system of duplex communication with use of two keys

In this figure it can be seen that in a bidirectional symmetric encrypted communication system, two keys are used. In every epoch of this communication, the sender's personal key is used. When Alice is the sender (1-5), her own personal key K_A is used to encrypt her message. On the other side Peter as a receiver uses the sender's key (i.e. Alice's) to recover the original message via decryption. The inverse procedure is performed in the following communication epoch (6-10) when Peter as a sender determines that his own key K_P is in use.

Having defined the protocol for communication, the need for designing a system for handling user passwords and secret keys becomes apparent. Each user receives from the remaining users of the same group their own personal keys, with which they can decrypt the corresponding messages. Memorising all these passwords and entering them in the system whenever necessary is considered impossible. The secret key management system has as an aim the secure storage and retrieval of passwords and their use depending on the needs of the communication. The password management system includes various subsystems, to be described later in this paper, and acts in conjunction with the secure communication system. In reality, the communication system informs the secret key management system of the requirements of the current exchange. In return the secret key management system retrieves and forwards the required keys so as to achieve successful message exchanges.

The classical symmetric cryptographic systems use a common secret key for both of the two communication periods. These cryptographic systems are used for the secure communication between two users only, and in case the key is broken by intruders the communication is open in both periods. However, in a group of certified users, the use of a personal secret key instead of one common secret key for each pair is acceptable while at the same time it offers advantages. Each period of communication is protected by a different key. Thus an attacker has to make double the computational effort in order to break the two personal secret keys, or more keys for the total of the communication. In order for each user that belongs to the certified group to communicate with the users that he wishes, he should know their personal secret encryption keys while at the same time he notifies them of his personal secret key. The memorisation of all user keys is impossible, while the use of an erroneous key makes the


communication impossible. For this reason the proposed cryptographic system of communication proposes a key management system. This describes the processes for the secure storage of the communication keys as well as the way of accessing these keys depending on the requirements of communication.

2.1 The key management problem

The problem surrounding symmetric key management becomes more apparent when seen from the perspective of the administration of IT operations of e.g. a commercial enterprise that accepts payments via credit cards. In this example, the system would be required to manage:
• A point of sales application communicating with an extended network of point of sales terminals.
• An e-commerce application that handles payments using the received credit card numbers.
• A payment processing application that settles transactions after communication with the credit card network.
• A back office application that handles accounting.
• A security application for detecting fraud.

In addition to the above, and with the extensive use of laptops and PDAs for business purposes, there are even more authentication operations that need monitoring and management. More overheads are added due to the existence of database and operating system specific authentication mechanisms. Overheads are increased furthermore since different applications may coexist within the limits of a particular organisation that are products of different vendors and therefore employ their own different design for symmetric key management. Administration problems are not just problems of operating a particular type of software. Each security subsystem conforms to its own technology and therefore requires its own training, documentation, procedures and audits (such as the audits performed by credit card transaction regulatory authorities or sensitive personal data protection authorities). Apart from increasing cost for companies, all the above factors also increase the risk of an eventual breach of security. Software engineering has been faced with similar problems in the past and the answer has always been to abstract services from applications. Hence it is current practice that all applications use the same Domain Name System service (DNS) for hostname-IP-address resolution, the same Dynamic Host Configuration Protocol service (DHCP) for dynamic IP-address allocation and the same interface (ODBC, JDBC) in order to access a particular Relational Database Management System (RDBMS) for data management. Consequently, the symmetric key management capability must also be abstracted. Applications need only have access to a key management service that runs independently in its own standardised infrastructure. Encryption and decryption will hence be enabled in a uniform way that can offer a standard and adequate level of security.

In the pilot phase of the development of this application, a simple approach to solving the key management problem will be taken. This approach will be sufficiently explained in the following section. A more comprehensive approach is under development and will be presented in the near future.

3 Architecture of the application

In a previous paragraph the overall operation of the application was described. This operation is supported using various subsystems that from an implementation point of view can be seen as commands that when properly combined lead to the desired result. The encryption and decryption subsystems can be singled out as two such fundamental subsystems. As autonomous entities, these subsystems have as input the secret key and either the clear message or the ciphertext and as output either an encrypted or a deciphered result. The process of calculating the result directly implements the mathematical model of the AES cryptographic algorithm.

After having implemented the encryption functionality and achieved the level of security necessary, the application must be integrated with the subsystems for the handling of the secret keys and passwords. These subsystems are also part of the communication protocol in the key management phase. As it was mentioned before, the purpose of this subsystem is the safe storage of secret keys and passwords for each user and the access control function for the application. The Master Key model is applied in order to achieve these goals. The master key is used by information systems for the secure storage of communication passwords (session keys). User keys are encrypted with the master key before being stored for the purposes of the application, thus ensuring their security. As a means of saving the keys, a database has been


designed within the application. This database will be referred to for the purposes of this article as the User Database and will contain entries concerning user personal data and their corresponding secret key, encrypted using the master key. Additionally, the use of a file is defined, with the aim of storing the personal encryption key of the user. The key is saved in the file, after being encrypted with the application master key. This file is called the user data file.

3.1 Access Control

For the access control function, the following procedure is defined. The application uses a unique number hard coded within the application source and encrypts it with the user password. This will be referred to from now on as the access code. The encrypted result is saved in the user data file. For access control the application asks the user to enter the password and uses it to decrypt the encrypted unique access code value stored in the user data file. If the result is equal to the unique number stored in the source code then access is allowed, since the access code is correct. The above procedure constitutes the access control routine and is executed at application startup.

The access control routine is a subsystem of the password management system. The unique number is entered in the source code by the system administrator and is changed at regular intervals so as to achieve a high level of security. The principal aim of the management system is to receive the user keys from the application users and safely store them in the user database. This process is executed with the help of the remaining subsystems.

User password update routine

The first one of these subsystems is the user password update routine. This is executed when application users require a change in the password or secret key they use. This subsystem has as input the new user password (or secret key). It hence receives the unique access control number used for access control and encrypts it using the new password. The encrypted result is hence stored in the user data file in the place of the old encrypted number.

This way, during the next user access, the new password will need to be entered so that the access control routine allows access to the application. The above functionality is not however sufficient. The access code is used by the application to encrypt the communication secret keys inside the user data file. It is additionally used as a primary key in the user database. For this reason, the following two routines need to be developed.

3.2 User password update routine for the user data file

The user password update routine for the user data file receives as input the encrypted personal secret key, decrypts it with the old password and encrypts the result with the new password. The result of the encryption is stored in the user data file in the place of the personal communication key.

3.3 User password update routine for the user database

Similarly, the user password update routine for the user database executes a similar procedure with that of the previous routine for all user keys that are stored within the user database.

It therefore becomes apparent that when a new password is requested from a user, all three routines above will need to be executed. This will result in an update in the encrypted values stored for the unique access code and all the personal secret communication keys, so as to reflect the change in the password.

3.4 Personal encryption key change routine

When the user requires the change of the personal secret encryption key that the application will use for communication, the personal encryption key change routine is executed. This routine receives the new secret key, encrypts it using the password and stores the result in its correct place inside the user data file.

3.5 Communication contact secret key update routine

A similar procedure is followed by the communication contact secret key update routine. This is executed when the user requires an update of the secret communication key stored in the user database for a particular user contact. During this change, the user data for the particular contact are recovered, decrypted, updated with the new key and stored back inside the database, replacing the old entry, after they are once more encrypted.

3.6 New user introduction routine

In order to introduce a new user in the application, with whom communication will be possible, the new user introduction routine is called. This requires as input the new user's personal data, together with their personal secret encryption key. The routine encrypts the key with the password and combines


the result with the personal data to formulate a valid entry to be stored in the user database, in the first available position.

When the communication system attempts to start a new duplex communication, it notifies the password management system about the user it needs to connect with. The purpose of this notification is to recover from the appropriate entry in the database the proper communication keys and forward those keys to the communication subsystem. The above operation is completed via the following two routines.

3.7 Personal key recovery routine

The personal key recovery routine receives the encrypted personal communication key from the user data file, decrypts it with the appropriate password and forwards it to the encrypted communication subsystem.

3.8 Contact personal key recovery routine

On the other side, the contact personal key recovery routine receives from the communication subsystem the username with whom communication is going to be established and retrieves the corresponding entry from the user database. When this is recovered, the secret key is decrypted with the password and forwarded to the communications subsystem.

After the two above routines have completed, the application is ready to perform duplex symmetric key encrypted communication as specified.

4. Development of the application interface

The application described in this article is best suited for development based on the object oriented model. The programming language chosen is Microsoft Visual Basic, which offers significant capabilities for an efficient window based user interface. The forms (i.e. the windows used) are the means of communication between the user and the application (for the purposes of data entry, function selection and the actual message composition and reception).

The main window (form) that the user employs in order to compose or read messages is depicted in Figure 2 below. The form contains information about the user from whom the message is originating, connection information like the date and time established and its duration, as well as information about the local computer and user and controls for facilitating the communication. Further details about the actual implementation with simulation and test operation results will be presented when the design will have reached a more mature stage.

Figure 2: Main message composition and reception window

5 Conclusion

This article describes the early stages of the design of an application for secure communication for military organizations. The design of this application is based on state of the art encryption technologies, namely AES, and exploits this technology within an environment that promotes and facilitates the use of safe practices on behalf of users. More specifically, the application takes responsibility for the storage, retrieval and management of the secret keys required for the encryption and proposes a protocol for using keys for users that minimizes the risks for the unit if the secrecy of one or more of the keys is breached and the keys are disclosed to unwanted parties.

Future work includes the possibility for sending encrypted data files, the enhancement of the key management system with new capabilities as well as the improvement of the communication system so as to include security precautions that concern the way in which a group of users is expanded and the control of their authentication procedures. As this application is considered a test prototype, its pilot operation within the limits of a local area network is considered necessary. This operation will discover possible problems or security faults and will lead to an Internet version.

Acknowledgments

The authors are grateful to Prof. Antonios Andreatos, PhD, Director of the Department of


Computer Sciences of Hellenic Air Force Academy for his continuous support during the research and the writing of this paper. We also want to thank Colonel George Geroulis, MSc, MPhil, PhD, Director of Military Education of Hellenic Air Force Academy, who was very helpful with the many insightful discussions and comments on the early drafts of this work.

References:

[1] NIST Special Publication 800-21, Guideline for Implementing Cryptography in the Federal Government, Annabelle Lee, Security Technology Group - Computer Security Division - National Institute of Standards and Technology, Gaithersburg, MD 20899-8930.
[2] D.W. Davies and W.L. Price, Security for Computer Networks, John Wiley & Sons, New York, 2nd edition, 1989.
[3] W. Fumy and P. Landrock, “Principles of key management”, IEEE Journal on Selected Areas in Communications, 11 (1993), 785–793.
[4] W. Fumy and M. Leclerc, “Placement of cryptographic key distribution within OSI: design alternatives and assessment”, Computer Networks and ISDN Systems, 26 (1993), 217–225.
[5] M. Abadi and R. Needham, “Prudent engineering practice for cryptographic protocols”, DEC SRC report #125, Digital Equipment Corporation, Palo Alto, CA, 1994.
[6] R. Anderson and R. Needham, “Robustness principles for public key protocols”, Advances in Cryptology–CRYPTO ’95 (LNCS 963), 236–247, 1995.
[7] B. Preneel, R. Govaerts, and J. Vandewalle, editors, Computer Security and Industrial Cryptography: State of the Art and Evolution (LNCS 741), 193–210, Springer-Verlag, 1993.
[8] Electronic Industries Association (EIA), “Dual-mode mobile station – base station compatibility standard”, EIA Interim Standard IS-54 Revision B (Rev. B), 1992.
[9] ISO 11166-1, “Banking – Key management by means of asymmetric algorithms – Part 1: Principles, procedures and formats”, International Organization for Standardization, Geneva, Switzerland, 1994.
[10] —, “Criticism of ISO CD 11166 banking — key management by means of asymmetric algorithms”, W. Wolfowicz, editor, Proceedings of the 3rd Symposium on State and Progress of Research in Cryptography, Rome, Italy, 191–198, 1993.
[11] Eran Farajun, “The Key to Information Lifecycle Management is Cost-Effective Backup”, Computer Technology Review, January 1 2006.
[12] “Integrated Life-Cycle Information and Data Management Solutions”, http://www.xwave.com/files/credentials/integrated_life_cycle_information_management.pdf
[13] Stephen Wilson, “Symmetric Key Management System (SKMS)”, http://idtrust.xml.org/symmetric-key-management-system-skms
