A command-line chat demo that showcases end-to-end encryption and message integrity with AES-256-CBC and HMAC-SHA256.
- Overview
- Cryptographic Flow
- Requirements
- Build Instructions
- Generating Shared Keys
- Starting the Secure Chat
- Sample Terminal Output
- Command Options
- Learning Notes
- Author
This program simulates an encrypted chat between two users using two terminals. Both users can send and receive messages securely in real-time, just like WhatsApp, but with every cryptographic step displayed in the terminal. The system uses AES-256-CBC for encryption and HMAC-SHA256 for message authentication, ensuring confidentiality and integrity. Each step is shown clearly for learning how secure communication works at a low level.
Both terminals act as sender and receiver.
When sending a message, the program displays:
- Original message
- Generated IV (Initialization Vector)
- Generated MAC (Message Authentication Code)
- Message + MAC (combined)
- Encrypted output
- Sent data
When receiving a message, the terminal shows:
- Received IV
- Ciphertext
- Decrypted message
- MAC verification result
If MAC verification fails, the receiver is alerted to possible message tampering. This demonstrates both confidentiality (AES) and integrity (HMAC).
Install the OpenSSL libraries before building the project:
sudo apt install libssl-devCompile the chat application with:
gcc -O2 crypto_chat.c -o crypto_chat -lssl -lcrypto -lpthreadCreate shared keys for both users:
./crypto_chat -gThe program outputs a 128-hex-character key (first 64 = encryption key, next 64 = MAC key). Both users must use the same key.
Example
Shared keys (hex): a9f2109dbc28d97182001fb71f8bd7fba163442b8ed2800bd21e78dec46a25e3e4e4f0e24b6586157a7ca07d2793182a9c9752c6777c753139b1e4e457685cb8
Open two terminals to begin chatting.
Server / User A
./crypto_chat -p 5555 -k a9f2109dbc28d97182001fb71f8bd7fba163442b8ed2800bd21e78dec46a25e3e4e4f0e24b6586157a7ca07d2793182a9c9752c6777c753139b1e4e457685cb8Client / User B
./crypto_chat -c 127.0.0.1 -p 5555 -k a9f2109dbc28d97182001fb71f8bd7fba163442b8ed2800bd21e78dec46a25e3e4e4f0e24b6586157a7ca07d2793182a9c9752c6777c753139b1e4e457685cb8Now both terminals can chat securely. Every sent message goes through encryption and authentication steps, and every received message is decrypted with MAC verification.
Enter message: hello
Generated IV: 71c39a...
Computed MAC: ae23f9...
Appended message + MAC: 68656c6c6f|ae23f9...
Encrypted output (AES-256-CBC): 8a7e0c4b...
[SENT] Encrypted message sent.
[RECEIVED]
Received IV: 71c39a...
Ciphertext: 8a7e0c4b...
Decrypted: hello
MAC verified ✅
| Flag | Description |
|---|---|
-g |
Generate new keys |
-p |
Start as server (listening on port) |
-c |
Connect as client (IP required) |
-k |
Provide shared AES+HMAC keys |
This is a hands-on educational project showing cryptography in action inside a real-time chat system. It helps visualize encryption, authentication, and data flow between two endpoints.
Bhuvan B N
LinkedIn