Teemu Makkonen Implementing Encryption for Qt-based Matrix Client Metropolia University of Applied ciences !achelor of Engineering Information Technology !achelor#s T"esis $% &ovember '%() Abstract Aut"or Teemu Makkonen Title Implementing Encryption for Qt-based Matrix Client &umber of *ages ,' pages +ate $% &ovember '%() +egree !achelor of Engineering +egree *rogramme Information Technology *rofessional Ma-or oft.are Engineering Instructors Ju"a-*ekka 01m1ri2 3ecturer T"e ob-ective of t"is t"esis .as to design and implement encryption for a messaging application t"at uses Matrix 4pen tandard to deliver t"e messages. T"e study .as purposed to be used as a solid base t"at can be expanded upon by creating t"e implementation in such a .ay t"at it is easy to change if anot"er encryption scheme .ould be used5 6or t"e purpose of t"e t"esis it .as necessary to look in to t"e "istory of encryption and modern cryptograp"y in order to gain more kno.ledge and to choose and design t"e proper encryption scheme t"at .ould fill out t"e necessary criteria set by t"e company. T"e bit by bit operations of t"e mostly used encryption schemes .ere studied as .ell as modern larger scale algorit"ms t"at provide more security around t"e strong encryption5 Matrix 4pen tandard needed to be studied as .ell for t"e understanding of "o. t"e messages are delivered5 T"e Qt cross-platform frame.ork .as used for t"e development and t"e messaging application .as running on a QEMU virtual emulator2 running t"e company’s o.n secure mobile operating system5 T"e implementation .as successful and t"e goals of encrypting and decrypting messages sent .it" t"e application .as achieved5 T"e company .as "appy .it" t"e results alt"oug" some parts .ere left .it"out much attention5 4verall t"e design and implementation gives good base to build upon or use it as is for future developments. T"e cryptograp"y kno.ledge gat"ered during t"is t"esis gave t"e company a lot of confidence as to t"e cryptograp"ic schemes explored in t"is study. It also gave t"em more understanding on t"eir future evaluations on di8erent encryption schemes implemented in t"e present study. 0eywords Cryptograp"y, encryption2 messaging2 communications, security Abstract Contents 3ist of Abbreviations 1 Introduction...............................................................................................................................1 2 Encryption.................................................................................................................................2 2 Modern Cryptography...............................................................................................................4 2.2 Symmetric-key Cryptography.........................................................................................4 '5'5( +ata Encryption tandard55555555555555555555555555555555555555555555555555555555555555555555559 '5'5' Advanced Encryption tandard55555555555555555555555555555555555555555555555555555555555(( 2.3 Asymmetric-key Cryptography.....................................................................................12 '5$5( : A55555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555($ '5$5' +i;e-<elmann 0ey Exchange5555555555555555555555555555555555555555555555555555555555555(= 3 Matrix pen Standard.............................................................................................................15 3.2 "istory...........................................................................................................................15 3.3 Architecture o# Matrix...................................................................................................16 3.4 Encryption in Matrix.....................................................................................................20 $5=5( +ouble :atchet Algorit"m55555555555555555555555555555555555555555555555555555555555555555555'( $5=5' 4lm555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555', $5=5$ Megolm555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555', 4 &t 'eve)opment *ramework...................................................................................................26 5 Imp)ementing Encryption #or Matrix C)ient............................................................................27 5.2 -oals.............................................................................................................................28 5.3 'eciding on Encryption.................................................................................................28 5.4 Application Architecture...............................................................................................31 5.5 Imp)ementation of Encryption.......................................................................................34 ,5,5( +ecryption5555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555$, ,5,5' Encryption55555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555$> 5.6 /eri0cation of 1esults...................................................................................................46 6 1esults.....................................................................................................................................48 Abstract List of Abbreviations Qt Cross-platform frame.ork maintained by t"e 6innish Qt Company. Created for building applications for any architecture or operating system5 0ey In cryptograp"y means a shared secret t"at contains information on "o. to decrypt cip"ertext into readable format5 *laintext Message in readable form5 Cip"ertext Message in encrypted form5 4T* 4ne-time-pad5 An old encryption scheme t"at provides unbreakable encryption5 It is limited by its key size5 *ublic-key T"e public part of a key pair t"at is used to encrypt messages for t"e person "olding t"e ot"er part of t"e key pair5 Can be publicly shared .it"out compromising t"e encryption5 *rivate-key T"e secret part of a key pair5 Used to decrypt and sign messages. <as t"e be kept as a secret and not shared .it" anyone5 *erfect secrecy Term used in modern cryptograp"y to indicate t"e encryption cannot be broken even if given unlimited resources to t"e adversary. 6or.ard secrecy Is a feature in modern cryptograp"y key agreement protocols t"at gives assurances t"at future messages .ill not be decip"erable even if one session key is compromised5 Computational security Is a definition used in modern cryptograp"y to describe t"at an encryption cannot be broken in a reasonable timeframe given t"e current state of computation5 Abstract ymmetric-key A key t"at is needed for bot" encryption and decryption5 Meaning t"e recipient of a message needs t"e same key as t"e sender in order to communicate5 tream cip"er An encryption met"od in symmetric-key cryptograp"y, ."ere t"e encryption is done to one bit at a time using a random stream of bits. !lock cip"er An encryption met"od ."ere t"e plaintext is divided in to block and t"e blocks are t"en encrypted separately from t"e ot"er blocks. @4: Exclusive or5 3ogical operation in cryptograp"y and mat"ematics in general2 t"at takes t.o inputs, % or ( for example2 and outputs ( if t"ey di8er and % if t"ey are t"e same5 IA Initialization vector5 Used as input data to alter t"e outcome of some algorit"m5 "ared bet.een t.o communicating parties to arrive at t"e same key after t"e IA is inputted in to an algorit"m5 EC! Electronic code book. An operating mode for block cip"ers, ."ere each block is encrypted individually. C!C Cip"er block chaining5 An operating mode for block cip"ers ."ere t"e encrypted result of each block is fed as an IA in to t"e next block, creating a chain5 +E +ata Encryption tandard5 A block cip"er t"at .as t"e first o;cial standard for encryption in t"e U 5 +E ' +ouble-+E 5 &ext iteration of +E to make it more secure2 ."ere +E is used t.ice5 +E $ Triple-+E 5 T"e final iteration of +E 2 ."ere t"e +E is used t"ree times. Abstract AE Advanced Encryption tandard5 After +E .as deemed insecure AE .as developed to be t"e ne. standard for encryption5 It is a block cip"er as .ell5 : A :ivest- "amir-Adleman5 Widely used public-key cryptosystem5 +i;e-<elmann 0ey Exchange Is a mat"ematical .ay of exchanging cryptograp"ic keys over a public net.ork. MAC Message Aut"entication Code5 A short piece of data usually in t"e "eader of t"e actual data used to aut"enticate t"e data5 AoI* Aoice-over-I*5 Term used to describe calls t"at go over t"e internet net.ork. +0 oft.are +evelopment 0it5 A collection of soft.are used to develop and build ot"er soft.are such as applications. <TT* <yperText Transfer *rotocol5 T"e underlying protocol of t"e .orld .ide .eb5 A*I Application *rogramming Interface5 Interface used by servers to serve clients .it" data or to collect data t"at clients send to servers. / 4& Java cript 4b-ect &otation5 A .ay of "andling and storing data in a "uman readable form5 Used .idely in .ebservices. :E T :epresantional tate Transfer5 Architecture many servers on t"e internet use for storing data5 4perates on top of <TT*5 0+6 0ey +erivation 6unction5 A term used in cryptograp"y for a function t"at takes some input and generates a key5 QEMU "ort for Quick EMUlator5 It is a lig"t.eig"t open source virtual emulator for emulating di8erent environments and operating systems. Abstract Elliptic Curve A mat"ematic function t"at defines a curve over a plane5 Used often in everyt"ing related