Skip to content

Hyaxon/secure-p2p-messenger

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Secure P2P Messenger

A minimal peer-to-peer chat app that performs a password-based, encrypted handshake and then exchanges AES-GCM encrypted messages over a TCP connection. Includes a PySide6 GUI that shows plaintext, ciphertext, nonces, and connection status.

Features

  • Password-derived master key (PBKDF2-HMAC-SHA256)
  • Per-session key derivation (HKDF-SHA256) with rekeying
  • AES-GCM message encryption with associated data
  • Simple JSON framing protocol over TCP
  • GUI for hosting, connecting, and message inspection

Security Notes

  • This is a learning project; it is not production hardened.
  • The shared password must be communicated out-of-band.
  • If authentication fails, messages are rejected and the connection is closed.

Requirements

  • Python 3.10+
  • PySide6
  • cryptography

Setup

python -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt

Run

python main.py

Usage

  1. On one machine, enter a port and password, then click Host.
  2. On the other machine, enter the host IP, matching port, and password, then click Connect.
  3. Once the secure session is verified, type a message and click Send.

Protocol Overview

  • A TCP connection is established.
  • The host sends a setup packet containing a random salt and session ID.
  • Both peers derive a master key from the password and salt, then a session key from the master key, session ID, and rekey counter.
  • The client sends an encrypted "CLIENT_HELLO" and the host replies with an encrypted "SERVER_HELLO" to verify the shared keys.
  • Messages are encrypted using AES-GCM with associated data of the form "message:<rekey_counter>".
  • Every rekey_every messages, a new session key is derived.

Project Structure

  • crypto_utils.py: Key derivation, encryption, and decryption helpers
  • protocol.py: Framed JSON packet send/receive
  • network.py: Connection lifecycle, handshake, and message handling
  • gui.py: PySide6 UI and user interactions
  • main.py: App entry point

Troubleshooting

  • If you see "Message authentication failed", check that both sides used the same password.
  • If the connection drops immediately, verify the port is open and not in use.

About

Minimal encrypted P2P chat app with PySide6 GUI, password-based handshake, AES-GCM messaging, and TCP JSON framing.

Topics

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages