Multi User Chat System using RSA Encryption and Signature with SHA-512 Hash

Abstract

In this paper we have implemented a multi-client secure chat system based on client/server architecture. Every client will almost certainly talk to different clients all the while (many-to-many) and share information and among themselves. Throughout the years chat framework which is an application or apparatus utilized for imparting between at least two people over a system, has been faced with issues of security, information integrity and privacy of data/information. Since every client is viewed as a trusted client, other are plain text attack which makes communication vulnerable against spying, The motivation behind this exploration is to build up a verified chat framework condition utilizing RSA encryption and Digital Signature, the Digital Signature is utilized to build up a protected communication channel, giving an improved verified strategy for verification of the chat system.

Introduction

Traditional communication methods like phones or letters are slow and costly for interacting with multiple people. The Multi-User Chat System enables users on the same LAN to communicate in real time through a client-server architecture using socket programming. Security is ensured using RSA public-key cryptography for encryption, decryption, and digital signatures, providing confidentiality, integrity, and authentication.

Key Components and Concepts:

• Socket Programming: Connects client and server machines over a network using IP and port. The server listens while clients connect, enabling message exchange.

• TCP/IP Protocol: Ensures reliable delivery and addressing of messages in the network.

• RSA Encryption: Uses two large primes to generate public and private keys. Messages are encrypted with the sender’s private key or recipient’s public key and decrypted correspondingly, securing communication.

• Digital Signatures and Hashing: Ensures integrity and verifies authenticity. Hash functions like MD5 and SHA-256 are used for message integrity checks.

System Architecture and Workflow:

1. Client Enrollment: Users create accounts and generate public-private key pairs stored on the server.

2. Key Exchange: Public keys are exchanged between clients and the server to establish secure communication.

3. Messaging: Messages are encrypted using the sender’s private key (or recipient’s public key), sent through the server, and decrypted by the intended recipient.

4. Authentication & Verification: Digital signatures ensure that messages are not tampered with and the sender is verified.

Implementation Highlights:

• RSA key generation involves selecting large primes, calculating public/private keys, and using modular arithmetic for encryption and decryption.

• Messages are sent over the LAN via TCP sockets, ensuring reliable and ordered delivery.

• The server manages multiple clients, encrypts messages, and broadcasts them securely.

• Hashing functions and digital signatures ensure message integrity and authentication.

Literature Insights:

• Previous work covered socket-based communication, client-server models, and digital signatures.

• Comparisons between hashing algorithms (MD5 vs. SHA-256) and signature schemes (RSA, DSA, ECDSA) highlight trade-offs in speed, complexity, and verification efficiency.

• RSA is widely favored for encryption and digital signature verification due to strong security and reliability.

Conclusion

In this research a secure multi user chat system was achieved using the RSA algorithm for encryption and decryption of the message using the server’s public key and private key and the client’s public key and private key, the authenticity of the message was verified using an RSA based signature. To test the integrity of the message SHA-512 hashing algorithm was implemented. This system implements a very secure systems, thus the computational overhead of the system is high.

References

[1] Toll, W. E. (1995, March). Socket programming in the data communications laboratory. In ACM SIGCSE Bulletin (Vol. 27, No. 1, pp. 39-43). ACM. [2] Xue, M., & Zhu, C. (2009, May). The socket programming and software design for communication based on client/server. In 2009 Pacific-Asia Conference on Circuits, Communications and Systems (pp. 775-777). IEEE. [3] Ardy, R. D., Indriani, O. R., Sari, C. A., Rachmawanto, E. H. (2017, November). Digital image signature using triple protection cryptosystem (RSA, Vigenere, and MD5). In 2017 International Conference on Smart Cities, Automation & Intelligent Computing Systems (ICON-SONICS) (pp. 87-92). IEEE. [4] Zhou, X., & Tang, X. (2011, August). Research and implementation of RSA algorithm for encryption and decryption. In Proceedings of 2011 6th International Forum on Strategic Technology (Vol. 2, pp. 1118-1121). IEEE. [5] Saxena, N., & Chaudhari, N. S. (2012, October). Secure encryption with digital signature approach for Short Message Service. In 2012 World Congress on Information and Communication Technologies (pp. 803-806). IEEE. [6] Dobraunig, C., Eichlseder, M., & Mendel, F. (2015, November). Analysis of SHA-512/224 and SHA-512/256. In International Conference on the Theory and Application of Cryptology and Information Security (pp. 612-630). Springer, Berlin, Heidelberg. [7] Rachmawati, D., Tarigan, J. T., & Ginting, A. B. C. (2018, March). A comparative study of Message Digest 5 (MD5) and SHA256 algorithm. In Journal of Physics: Conference Series (Vol. 978, No. 1, p. 012116). IOP Publishing. [8] H Gilbert, H Handschuh Gilbert, H., & Handschuh, H. (2003, August). Security analysis of SHA-256 and sisters. In International workshop on selected areas in cryptography (pp. 175-193). Springer, Berlin, Heidelberg. [9] https://www.yworks.com/products/yed-live online tool for diagrams [10] https://samsclass.info/141/proj/pCH-RKF.htm [11] Stallings, W. (2017). Cryptography and network security: principles and practice (pp. 92-95). Upper Saddle River: Pearson. [12] https://stackoverflow.com/ [13] https://pypi.org/ [14] Huston, G., & Michaelson, G. (2016). The Profile for Algorithms and Key Sizes for Use in the Resource Public Key Infrastructure (No. RFC 7935). [15] Danasingh, Asir Antony. (2016). Performance Analysis of Data Encryption Algorithms for Secure Data Transmission. International Journal for Science and Advance Research in Technology. 2. 388-390.

Copyright

Copyright © 2025 Balamurugan Aathavan. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.