408 lines
19 KiB
Plaintext
408 lines
19 KiB
Plaintext
[Underground Security Paper no. 1]
|
|
|
|
Encrypting Instant Messaging Conversations
|
|
|
|
v1.0
|
|
|
|
By: DIzzIE [antikopyright 2006]
|
|
|
|
Whenever you talk online with your instant messaging (IM) client of
|
|
choice, your conversations can be, and in all probability are,
|
|
recorded, monitored, and read. Any data which travels over a network
|
|
can be viewed using programs known as packet sniffers, with some
|
|
specially crafted programs, such as IM Sniffer or AIM Sniff, designed
|
|
exclusively to capture IM communications. No matter how pathetically
|
|
dull your treacherous life is, chances are someone is bored enough to
|
|
fuck with it.
|
|
|
|
What will soon follow is a list of various programs and plugins
|
|
which you can use with most standard IM clients to encrypt your
|
|
conversations. The focus will be predominantly on Windows systems
|
|
(though the tools discussed are often available for other platforms
|
|
as well), and will also only cover free (as in beer) software, as
|
|
there's no need to pay when there are plenty of gratis alternatives
|
|
(if, however, a time does come when the below mentioned tools stop
|
|
being free, there's a textfile on finding serial numbers here:
|
|
www.dizzy.ws/serials.htm).
|
|
|
|
Nota Bene: Always encrypt your conversations (even the seemingly
|
|
innocuous ones) and always keep regenerating (changing) your
|
|
encryption keys. The reason for the former is that, unless you are
|
|
intentionally spreading disinformation which you plan on the sniffers
|
|
seeing, whatever data you consider to be unimportant can be used to
|
|
compile a profile of you and your activities, which can in turn be
|
|
used to gain insight into life habits, password choices or those fun
|
|
password reminder questions, and so forth. The reason for the latter
|
|
is that the longer you use the same key to encrypt your
|
|
conversations, the more data and time the attacker has to spend on
|
|
trying to crack your encryption. Change your key once every hour,
|
|
every day, every week, or every chat session. The choice is yours,
|
|
just remember that the longer you use the same key, the more
|
|
vulnerable you become. Regenerating your key is also easier to do
|
|
with some of the programs below than with others, while some even
|
|
regenerate the key for you.
|
|
|
|
Now then, with no particular order in mind, on with the list!
|
|
|
|
---
|
|
|
|
Name: Gaim-Encryption (http://gaim-encryption.sourceforge.net/)
|
|
|
|
Key Strength: 512 to 4096 bit RSA keys.
|
|
|
|
Works With: Gaim (http://gaim.sourceforge.net/)
|
|
|
|
Operating Systems Supported: Windows/*nix
|
|
|
|
Protocols Supported: AIM, Jabber, ICQ, [unconfirmed], YIM
|
|
[unconfirmed], MSN [unconfirmed], Gadu-Gadu [unconfirmed], GroupWise
|
|
[unconfirmed], Napster [unconfirmed], SILC [unconfirmed], IRC [not
|
|
supported (while Gaim does act as a primitive IRC client, the Gaim-
|
|
Encryption plugin does not work with Gaim IRC, see below for IRC
|
|
encryption options)]
|
|
|
|
Installation Example: Download and install Gaim. Download the Gaim-
|
|
Encryption plugin and run the installer. Run Gaim. Click on
|
|
Preferences and go down to Plugins on the left-hand side. Find 'Gaim-
|
|
Encryption' listed on the right, and check the accompanying checkbox.
|
|
Restart Gaim. Go back to Preferences, and this time you should see
|
|
'Gaim-Encryption' listed under Plugins on the left-hand side. Select
|
|
'Gaim-Encryption' and in the Config tab on the right make sure that
|
|
'accept conflicting keys automatically' is unchecked, and
|
|
'automatically encrypt if buddy has plugin', 'broadcast encryption
|
|
capability' are both checked. Checking the remaining 'accept key
|
|
automatically if no key on file' box is optional.
|
|
|
|
Next, click on the Local Keys tab and select your key. If you don't
|
|
see any keys listed there, you will first need to start an encrypted
|
|
conversation with someone else who is using the Gaim-Encryption
|
|
plugin. Once the conversation has been started, go back to the Local
|
|
Keys tab and select your key. Click on Regenerate Key and in the
|
|
Generate Keys pop-up type in 4096 (the maximum key strength the GE
|
|
plugin supports at the time of this writing) instead of the 1024
|
|
value listed in the Key Size field, and hit OK. On slower machines it
|
|
will appear as if Gaim has frozen on the 'generating RSA key pair...'
|
|
screen. This is normal, and therefore you should not attempt to
|
|
restart Gaim, just give it a few minutes. The person with whom you
|
|
first initiated the conversation should also be regenerating zir key.
|
|
Once your key has been successfully regenerated, click on the Trusted
|
|
Buddy Keys and the Recent Buddy Keys tabs and delete the existing
|
|
1024 bit keys from your list.
|
|
|
|
|
|
Finally, restart Gaim and reinitiate your conversation. Both the Tx
|
|
and Rx locks in the IM window should now be red (you may also see a
|
|
confirmation dialogue pop up, which asks whether you want to accept
|
|
the key once or accept it and save it, or reject it. Ideally, you
|
|
should Accept Once). Now go back to the Recent/Trusted Buddy Keys
|
|
tabs and make sure that the key now stored there for your chat
|
|
partner is 4096 bits.
|
|
|
|
|
|
Assuming you possess a secure email account and/or secure phone
|
|
line, you should contact each other and confirm the Key Fingerprint
|
|
to help ascertain the identity of your chat partner, and then hit
|
|
Close to exit out of the Preferences menu. You should now be ready to
|
|
engage in secure conversations. Note: if when messaging your chat
|
|
partner the locks in the IM window do not turn red, make sure you
|
|
both have the 'automatically encrypt if buddy has plugin' and
|
|
'broadcast encryption capability' options checked in the Config tab,
|
|
and try clicking on the lock icons.
|
|
|
|
---
|
|
|
|
Name: Off-the-Record (OTR) Messaging (http://www.cypherpunks.ca/otr/)
|
|
|
|
Key Strength: ??? (some sort of Diffe-Hellman protocol?) [The
|
|
description of the OTR protocol is available here:
|
|
http://www.cypherpunks.ca/otr/Protocol-v2-3.0.0.html. It is complex
|
|
and convoluted, so I was unable to figure out what the key strength
|
|
is, if you do, however, then let me know!]
|
|
|
|
Works With: Gaim, Adium, Miranda IM [unconfirmed], iChat
|
|
[unconfirmed], Trillian [unconfirmed], vanilla AIM client
|
|
[unconfirmed] [note: with iChat, Trillian, and the vanilla AIM
|
|
client, OTR works using the OTR proxy program which I couldn't get to
|
|
work, however, Gaim, Adium, and Miranda IM use an easier to implement
|
|
OTR plugin which doesn't require the proxy tool]
|
|
|
|
Operating Systems Supported: Windows/Mac (OS X)/*nix [unconfirmed]
|
|
|
|
Protocols Supported: AIM; in theory, most other protocols the
|
|
aforementioned programs support should work as well (i.e. YIM, MSN,
|
|
etc, though I haven't tested them. Oh, and IRC which
|
|
Gaim/Trillian/others support is also not encrypted, so, once again,
|
|
see below for IRC encryption options).
|
|
|
|
Installation Example: Download the OTR plugin for Gaim and run the
|
|
installer. Run Gaim. Click on Preferences and go down to Plugins on
|
|
the left-hand side. Find 'Off-the-Record messaging' listed on the
|
|
right, and check the accompanying checkbox. Restart Gaim. Go back to
|
|
Preferences, and this time you should see 'Off-the-Record messaging'
|
|
listed under Plugins on the left-hand side. Select 'Off-the-Record
|
|
messaging' and click on the Config tab. Be sure that the 'Enable
|
|
private messaging' and 'Automatically initiate private messaging'
|
|
fields are checked.
|
|
|
|
You can now initiate the IM conversation with your chat partner.
|
|
Once the conversation has been initiated, and assuming you possess a
|
|
secure email account and/or secure phone line, you should contact
|
|
each other and confirm the Key Fingerprint to help ascertain the
|
|
identity of your chat partner. After the fingerprint is confirmed, go
|
|
back to the Known fingerprints tab and, selecting the screenname of
|
|
the chat partner whose fingerprint you have just confirmed, select
|
|
Verify fingerprint and hit Close to exit out of the Preferences menu.
|
|
You should now be ready to engage in secure conversations.
|
|
|
|
---
|
|
|
|
Name: SecureIM (http://www.ceruleanstudios.com/)
|
|
|
|
Key Strength: 128-bit Blowfish keys
|
|
|
|
Works With: Trillian
|
|
|
|
Operating Systems Supported: Windows
|
|
|
|
Protocols Supported: AIM/ICQ
|
|
|
|
Installation Example: Download and install Trillian. Run Trillian
|
|
and, clicking on the globe on the bottom left (or right-clicking on
|
|
the Trillian icon in the taskbar and then going to Options), click on
|
|
Preferences. Go down to AIM and/or ICQ under Chatting Services on the
|
|
left-hand side, then select Misc. In the SecureIM section, be sure to
|
|
check both 'Activate SecureIM Capabilities' and 'When possible, make
|
|
a best effort to automatically maintain a SecureIM session with my
|
|
contacts.' You'll need to do this for both AIM and ICQ if you plan on
|
|
using both protocols. Hit Apply and then OK to exit out of the
|
|
Preferences menu.
|
|
|
|
You can now initiate the IM conversation with your chat partner. The
|
|
locks in your IM window should turn red. You should now be ready to
|
|
engage in secure conversations.
|
|
|
|
---
|
|
|
|
Name: SSL Certificates (Available from syLIkc.NET:
|
|
http://secure.sylikc.net:8080/self_signed/ and Thawte:
|
|
http://www.thawte.com/secure-email/personal-email-
|
|
certificates/index.html)
|
|
|
|
[IMPORTANT:: www.aimencrypt.com also offers certificates, or rather
|
|
just one same certificate for everybody, which in turn means that
|
|
anyone can decrypt your conversations. In other words: Do not use
|
|
AimEncrypt!]
|
|
|
|
Key Strength: 128-bit keys
|
|
|
|
Works With: AIM; and possibly other IM clients which allow
|
|
importation of SSL certificates [such as?--know of one? Then email me
|
|
about it!]
|
|
|
|
Operating Systems Supported: Windows/Mac[unconfirmed]/*nix
|
|
[unconfirmed]
|
|
|
|
Protocols Supported: AIM; (same as Works With)
|
|
|
|
Installation Example: pr0to has written a great tutorial on
|
|
generating/installing a Thawte-issued certificate:
|
|
http://www.rorta.net/index.php?page=aimcrypt, and the sylikc.net
|
|
import instructions are here:
|
|
http://secure.sylikc.net:8080/self_signed/aim.php. After
|
|
generating/importing the certificate, you should now be ready to
|
|
engage in secure conversations.
|
|
|
|
---
|
|
|
|
Name: SimpLite (http://www.secway.fr/us/products/all.php)
|
|
|
|
Key Strength: 1024 to 2048 bit RSA keys
|
|
|
|
Works With: Gaim, Trillian, and the following vanilla clients: AIM,
|
|
ICQ, MSN, YIM, Jabber
|
|
|
|
Operating Systems Supported: Windows
|
|
|
|
Protocols Supported: AIM, ICQ, MSN, YIM, Jabber [unconfirmed]
|
|
|
|
Installation Example: Download and install SimpLite for your
|
|
particular protocol (note that each protocol has a separate SimpLite
|
|
program that you need to download). Run your particular flavour(s) of
|
|
SimpLite and the Keys Generation Wizard should pop up. If it doesn't,
|
|
click on Keys in the menu and go down to Generate key pair. Follow
|
|
the instructions and after a few steps you should have your key.
|
|
|
|
Run your supported chat program of choice, making sure that SimpLite
|
|
is still running in the background. After sending a message to your
|
|
chat partner, you should see your partner's key show up in the
|
|
SimpLite program, and your conversations should be under the Green
|
|
authenticated/encrypted arrows.
|
|
|
|
Assuming you possess a secure email account and/or secure phone
|
|
line, you should contact each other and confirm the Key ID to help
|
|
ascertain the identity of your chat partner. You should now be ready
|
|
to engage in secure conversations.
|
|
|
|
---
|
|
|
|
Name: FiSH (http://fish.sekure.us/)
|
|
|
|
Key Strength: 1080 bit Diffie-Hellman keys
|
|
|
|
Works With: mIRC, irssi, xchat
|
|
|
|
Operating Systems Supported: Windows/*nix/Mac (OS X) [unconfirmed]
|
|
|
|
Protocols Supported: IRC
|
|
|
|
Installation Example: Download the latest FiSH archive and extract
|
|
the contents into your mIRC directory (wherever mirc.exe is located).
|
|
Run mIRC and type '/load -rs1 FiSH.mrc' (sans quotes). Close mIRC.
|
|
Run the patch executable that matches your version of mIRC (click on
|
|
Help, then About (or just click on that yellow icon on the far right
|
|
of your toolbar) in mIRC to find out your version number).
|
|
|
|
When you extracted all of the files into your mIRC directory, you
|
|
should have extracted a file called blow.ini-EXAMPLE. Open this file
|
|
in Notepad and copy all of the contents. Close this file and open a
|
|
blank Notepad window. Paste the contents and save the file as
|
|
blow.ini (being sure to select 'All Files' from the Save As menu).
|
|
You just did this so that you have a nice clean backup copy of the
|
|
ini file in case you completely screw up this copy. For detailed
|
|
information regarding setting up the blow.ini file, read the FiSH.txt
|
|
file included in the FiSH archive you downloaded. However, a bare
|
|
bones blow.ini file will look something like this:
|
|
|
|
[FiSH]
|
|
|
|
process_incoming=1
|
|
process_outgoing=1
|
|
|
|
plain_prefix="+p "
|
|
|
|
[#RORTA]
|
|
key=d8SfskY0riaqsfd19ks220dUtQZmKdeWrp8ksfdLjsoig49dp7G
|
|
encrypt_topic=1
|
|
|
|
The first two lines mean that FiSH will drecrypt all incoming
|
|
messages and encrypt all outgoing messages, respectively. The
|
|
plain_prefix line says that all messages you send that start with '+p
|
|
' (note the trailing space) will be sent as plaintext (unencrypted).
|
|
The next line is the name of the channel you want to encrypt (you can
|
|
add more channels below, following the same format). The key value is
|
|
the encryption key for your channel, be sure to make it difficult to
|
|
guess by using a long string of mixed-case letters and numbers. The
|
|
encrypt_topic line asks if you want to encrypt the topic in the
|
|
channel (1 for yes, 0 for no).
|
|
|
|
As the FiSH.txt file rightly points out, exchanging channel key
|
|
information in plaintext is a security risk. Thus, you should ideally
|
|
tell other members of your channel the channel encryption key only
|
|
through an IM window that has been encrypted using one of the
|
|
aforementioned methods.
|
|
|
|
To encrypt private messages, either double-click on the user's name
|
|
to open up a private message window or message the user manually
|
|
(/msg username moo!) and wait for a reply to get a PM window open (if
|
|
you two aren't in the same channel). Then right-click in the PM
|
|
window and go to FiSH-->Auto-KeyXchange-->Enable, and then either
|
|
close/reopen the PM window or/and click on DH 1080 KeyXchange (which
|
|
is also in the PM right-click window under FiSH). You should now be
|
|
ready to engage in secure conversations.
|
|
|
|
Nota Bene I: The FiSH encryption key is not the same thing as the
|
|
channel key (mode +k). Naturally, your channel should also be set to
|
|
modes +sk to further protect the conversation. First, type /mode
|
|
#channelname +s (this prevents the channel from showing up in either
|
|
/whois or /list), followed by /mode #channelname +k yourchannelkey.
|
|
Your channel key should be different from your FiSH key, and merely
|
|
means that no one can join the channel without knowing this key (to
|
|
join the channel type /join #channelname yourchannelkey), whereas the
|
|
FiSH key means that no one can read the conversation, irrespective of
|
|
whether or not they can join the channel or not (network
|
|
administrators can monitor all traffic on their server, even if
|
|
they're not in the channel with you).
|
|
|
|
Nota Bene II: You can further secure your IRC connection by using
|
|
SSL (Secure Sockets Layer) (assuming both your client and the
|
|
particular IRC network support it).
|
|
|
|
If you are using the latest version of mIRC (6.14+), instructions
|
|
for setting up SSL are available here: http://www.mirc.co.uk/ssl.html
|
|
(the needed DLLs can be downloaded here:
|
|
http://remus.oru.se/tsub/mirc-ssl/mirc-ssl.zip, or extracted from the
|
|
OpenSSL installer linked to on the abovementioned mIRC site). Once
|
|
you install the necessary DLLs, type //echo $sslready and you should
|
|
get a reply of '$true.' To connect to an SSL server you can use the -
|
|
e switch before the server address or/and a plus sign (+) before the
|
|
port number, for instance: /server -e irc.rizon.net +9999.
|
|
|
|
Consult the readme files of other clients for information on their
|
|
SSL implementation capabilities. For instance, if you are using xchat
|
|
on *nix, install the OpenSSL libraries (www.openssl.org) and then
|
|
when connecting to the particular IRC server with SSL support add a
|
|
plus sign before the port, e.g. /server irc.rizon.net +9999.
|
|
|
|
Some networks also let you set certain modes for the channel (for
|
|
example, +S on Rizon), which require SSL to be enabled in order to
|
|
join the channel (ask in #help or browse the network's website to
|
|
find out if SSL servers and SSL-Only channel modes are supported).
|
|
|
|
Nota Bene III: The great thing about IRC encryption is that you can
|
|
encrypt entire channels, and thus have secure conversations between
|
|
groups of more than two partners (something which, as far as I know,
|
|
is not possible with any of the other aforementioned encryption
|
|
tools), so appreciate it and enjoy it! :)
|
|
|
|
---
|
|
|
|
Caveats & Miscellanea
|
|
|
|
As you have doubtless noticed, there's a plethora of encryption
|
|
plugins, with various levels of key strength. The Gaim-Encryption
|
|
plugin provides by far the strongest key pair (at 4096 bits),
|
|
however, it doesn't fly well on Macs. Therefore a feasible scenario
|
|
may have one user running Adium on a Mac, while another runs Gaim on
|
|
Windows, with both using the OTR plugin. Keep your options open, and
|
|
always use the strongest key pair possible (combine malleability with
|
|
security!).
|
|
|
|
There is no such thing as 'perfect security.' When I have repeatedly
|
|
stated that 'you should now be ready to engage in secure
|
|
conversations' don't come crying when your key is compromised due to
|
|
poor key handling on your part (insecure storage of keys, infrequent
|
|
regenerations, etc.). In other words: don't get sloppy, you lazy sack
|
|
of shit (this is a note to self as much as it is general advice ;)).
|
|
|
|
On the subject of log files: many IM clients have the option to
|
|
store logfiles of your conversations (and in many clients this option
|
|
is enabled by default!--so be sure to scan the preferences/settings
|
|
areas of your clients to disable logging). Logs are often (read:
|
|
almost always) stored in plaintext, even when you use the various
|
|
encryption plugins! Therefore if you do decide to enable logging, be
|
|
sure to encrypt the logfiles themselves (info on encrypting data will
|
|
be presented in a future segment of this Underground Security Paper
|
|
series).
|
|
|
|
You've probably noticed that various clients/protocols/OSes have the
|
|
'[unconfirmed]' label after them. This is simply due to the fact that
|
|
I haven't yet tested the particular encryption tool on those
|
|
protocols/systems. If you have, please let me know so I can update
|
|
the information in subsequent versions of this textfile!
|
|
|
|
Finally, note that the 'installation examples' are just that:
|
|
examples. As stated at the outset of this textfile, the focus has
|
|
been on Windows and therefore the examples lean towards Windows
|
|
scenarios. (Don't take them too literally).
|
|
|
|
If you have any comments, suggestions, see any IM encryption plugin
|
|
which wasn't mentioned, or anything else, feel free to drop me a line
|
|
at xcon0 @.t yahoo d0t c|o|m . This is also the first textfile in a
|
|
series I'm calling the Underground Security Papers. Successive papers
|
|
will discuss encrypting emails, miscellaneous data files, as well as
|
|
tips on maintaining anonymity and the like. To be kept abreast of
|
|
more USPs, send me an email with 'USP' in the subject.
|
|
|
|
Enjoy!
|
|
|
|
For more knowledge visit www.dizzy.ws & www.rorta.net. |