Hacker 10 – Security Hacker

Computer security
Menu
  • Anonymity
  • Encryption
  • Mobile Phone
  • Other
  • Security

Protect your privacy with a no logs VPN!

Join TorGuard
Home
Security
Encrypt conversations using online chatroom Cryptocat
Security

Encrypt conversations using online chatroom Cryptocat

John Durret 8 July, 2011

Up to 21 people can chat in Cryptocat using the same encryption key, there is no need to install or download any software, this online chatroom will work at any computer or mobile device with a browser.

The first thing you will need to know to use this secure chatroom is the chatroom name, there isn’t any list of available chatrooms, they are all secret and unless you know what they are called you can’t join in, but you can create a secret chatroom and send a link to the chatroom to your friends. Once you log in you will be asked to move your mouse around to gather random data to help get entropy, you can chat in clear text in the box or enter a password inside a blue bar and then only those who know the password will be able to read the messages, the other people in the chatroom will read the text “encrypted“, in case you use a very weak password to encrypt the communications Cryptocat will let you know of its strength.

Chatroom messages are ciphered using symmetric AES256, anything you type is encrypted and verified for integrity before leaving the computer, encryption is performed in the browser using a script (crypto-js library), a SSL certificate secures the data transmission in between the browser and the chatroom, even if someone compromised Cryptocat servers all they would see is encrypted data, Cryptocat itself can not decrypt the conversations, the messages are wiped after 30 minutes of inactivity, and if you want to add anonymity the chatroom could be accessed  through a proxy like tor to hide your computer IP (visible to the server), the chat doesn’t use Java.

Cryptocat encrypted chatroom

Cryptocat encrypted chatroom

The only downside I found is that you need to transmit the passphrase through a secure channel, that is the weakest point, the more people involved in the encrypted chat the more possibilities someone will leak out the passphrase due to negligence. This site should be of great value for activists using an Internet cafe for communication or those in fear of their ISPs surveillance on them, keyloggers would then be the only possible weapon, using a different public computer for each Internet session will make it difficult for someone to plant a targeted trojan.

Visit Cryptocat homepage

Reddit
Tweet
Email
Prev Article
Next Article

Related Articles

Cipher Image steganography software
Cipher Image let’s you hide plain text inside photos, a …

Steganography software Cipher Image hides text in pictures

CIA money bundle 500 Euro bank notes
After the recent arrest of CIA agent Ryan Fogle by …

CIA instructions for secure email communications leaked

About The Author

John Durret

Leave a Reply

Cancel reply

TorGuard

Pages

  • About
  • Anonymous OS list
  • Email encryption
  • Free VPN
  • Privacy Browsers
  • USB encryption

Blogroll

  • LibertyVPS.net
  • TorGuard VPN

Hacker 10 – Security Hacker

Computer security
Copyright © 2021 Hacker 10 - Security Hacker
Privacy by TorGuard VPN