The app I am developing is an end-to-end screensharing and remote control software. There are three components
- Host - The user that wants to share their screen
- Client - The user that wants to view and control the Host's screen
- Server - The server used for authentication and to proxy information between the Host and the Client
The goal is to create a cryptographical protocol that allows the host and the client to communicate end to end encrypted, using the server as a proxy. The host and the server should both be able to authenticate the client.
The system should still be secure even if the server is compromised.
In reality, the Host and the Client will usually be talking to each other over the phone or have some external means of communication. For purposes of this protocol we don't care whether the external means of communication is secure or not.
- Host requests an ID from the server. The server responds with a 10 digit code, N, used for identification/routing
When a Client is ready to connect, the Host will communicate N externally (probably over the phone) to the Client. For purposes of this protocol we don't care how secure of a method is used for this exchange.
- Client sends N to the server over TLS. Server proxies data over TLS between the Client and the Host.
Host <-TLS-> Server <-TLS-> Client
- Client sends "auth" to Host
- Host generates a short (10 character) securely random alphanumeric (lowercase + numbers) code, X. (~52 bits of entropy)
- Host generates a key pair, where PKH is the Host's PublicKey
- Host communicates X externally to Client
- Once the Client has X, the Client generates a keypair, where PKC is the Client's PublicKey
- The Client sends "exchange" to Host
- Host records a unix timestamp, TH, generates an exchange package, containing [HMAC(TH || PKH, X), TH, PKH], and sends it to the Client, where HMAC is HMAC-bcrypt with a cost value of 10
- Once the Client receives the Host's exchange package, it compares the current time with TH. If time difference exceeds 10 seconds, the Client hard fails and follows the disconnect procedure (not listed).
- The Client verifies the MAC
- The Client performs Diffie Hellman with PKH and their own private key to produce a secret key, S
- The Client records a unix timestamp TC and sends it's exchange package, [HMAC(TC || PKH, X), TC, PKC], to the Host
- The Host compares TH with the current timestmap. If time difference exceeds 5 minutes, the Host hard fails and follows the disconnect procedure (not listed).
- The Host compares TH and TC. If time difference exceeds 10 seconds, the Host hard fails and follows the disconnect procedure (not listed).
- The Host verifies the MAC
- The Host performs Diffie Hellman with PKC and their own private key to produce the same secret key, S
- Client and Host now use S to encrypt all communication
Host requests an ID from the server. The server responds with a 10 digit code, N, used for identification/routing
When a Client is ready to connect, the Host will communicate N externally (probably over the phone) to the Client. For purposes of this protocol we don't care how secure of a method is used for this exchange.
Client sends N to the server over TLS. Server proxies data over TLS between the Client and the Host. Host <-TLS-> Server <-TLS-> Client