SecureIM v0.9.4 http://www.vonnieda.org/SecureIM by Jason von Nieda 1. What is it? SecureIM is an encrypting proxy server for AOL Instant Messenger (AIM). It uses strong encryption to allow you to communicate using AIM while being guaranteed that no one besides the intended recipient can read your instant messages. SecureIM uses 2048 bit RSA key enchange and 256 bit Blowfish bulk encryption to secure your messages. 2. License Please read License.txt included with this archive to see what your rights with this software are. You have plenty of em :) 3. Installation You can use either the automatic installer file available at http://www.vonnieda.org/SecureIM or just copy SecureIM.exe somewhere that you like and run it. The program will handle the rest interactivly with you. 4. Quick Start To get started, install and run SecureIM. It may ask you a few questions the first time you start and you will be required to generate a key ring. Once the icon is in your system tray you are ready to go. Start AIM and you will notice the icon changes to show speech in the speech bubble. This is how you can tell that SecureIM is proxying your AIM connections. To start talking securely simply open a AIM window to a friend and type /secureon. SecureIM will prompt you for your key ring password and start the handshake protocol. If your friend is running SecureIM the session will become secure a few seconds later and SecureIM will notify you about it. If not your friend will see a message asking him/her to download and install SecureIM. Once they do you can try again. For additional help you can right click the SecureIM icon in your system tray and choose Help, or type /securehelp in any AIM instant message window. 5. Manual Configuration SecureIM is implemented as a SOCKS4 server listening on your localhost IP address of 127.0.0.1 on port 26935. If you would like to configure AIM manually to use SecureIM simply use those settings for your proxy in the AIM Preferences under Sign On/Off, Connection. 6. How does it work? SecureIM runs as a small background application. It shows up as a small blue head with a speech bubble in your system tray. When AIM is configured to use a proxy server with the settings described in [Manual Configuration] SecureIM intercepts all connections to the AIM servers and begins filtering and proxying those connections. When you or a friend types /secureon SecureIM begins a multi part handshake protocol. The protocol consists of verifying that both users are running SecureIM, sending a public key, receiving an encrypted session key and checking to see if both parties agreed on the key correctly. When handshake is complete the session is secure and any messages you send or receive to that person will be encrypted. Messages are sent encrypted using Blowfish with the 256 bit session key that was agreed upon. Messages are Base64 encoded so that they can properly pass through the AIM server. 7. How secure is it? Let me begin by saying I am not a professional cryptographer. I have spent several years studying the use of cryptography but I do not fully understand the math that goes into making an encryption algorithm secure. That said, SecureIM uses well tested implementations of two of the strongest encryption algorithms available to the public at this time. Both RSA and Blowfish have undergone years of testing and have been deemed secure when used with proper key lengths by many professionals in the cryptography world. I do not make any guarantee to the security of this program, but the source code is available and I am very open to peer review. At the very least, your messages are no LESS secure using SecureIM and any one interested in reading them is going to have a much harder time about it if you are using SecureIM than if you are not. Currently SecureIM is vulnerable to a man in the middle attack of the same kind that any unauthenticated public key exchange system is vulnerable to. If an attacker is able to proxy the packets between you and the AIM servers they can pretend to be the person you wish to communicate with, exchanging your friend's public key with their own and setting up a secure channel which they can read. This is an involved process to say the least and requires a very determined attacker but it is none the less a weakness. Programs such as SSH suffer from the same problem. A common solution is to store the public key of the person you are speaking with and to be concerned if it changes unexpectedly. SecureIM contains code to be aware of this situation but it is unfinished. While this is an acceptable solution to the man in the middle (MITM) problem it is not a definite guarantee of security. A better method is to have your public key authenticated by a trusted third party and cryptographically signed. This is the method that is used in protocols such as SSL. Most commonly a Certifying Authority (Verisign for most people) will confirm that you are who you say you are and then sign your key, assuring that anyone who receives that key can trust that it is indeed yours. This is the strongest solution but suffers from requiring a trusted third party. I don't think that Verisign is going to be willing to sign SecureIM keys any time soon and requireing AIM users to buy a $99 or more certificate to use SecureIM is probally too much to ask. An alternative solution, and one that I am currently developing is to become a Certifying Authority for SecureIM. Through vonnieda.org two main services will be offered. The first will be upload and storage of public keys on vonnieda.org. The SecureIM client will have the ability to check vonnieda.org when it receives a public key to see if that public key is registered to that person. The second will be a key signing service. This will be manual to start with and will consist of me having a conversation with someone over AIM and then signing their public key and making it available publicly. By received a signed public key you will know that I believe the person who is sending that key is the person who originally requested it to be signed. 8. Why did you write this? Cryptography has been an interest of mine since reading my first cipher in a news paper. When I began to learn about real cryptography the idea that something in plain view could be completely unreadable to anyone besides who was supposed to read it intrigued me. Especially interesting to me was the idea of an assymetrical cryptosystem which allowed anyone at all to encrypt a message that only I could decrypt. One day after accidentally seeing some AIM traffic on my network and seeing how incredibly easy it was for anyone to watch the traffic I decided to do something about it. Most people's AIM traffic is pretty benign and doesn't really require encryption but over the years I have decided that if encryption is easy to use and provides very little performance decrease there is no good reason not to use it. This has been a very interesting project for me and has taught me much on the subject of Win32 programming which was as much reason as any to write it. 9. Thanks to... My thanks go out to Wei Dai, maintainer of the Crypto++ library. Crypto++ is a great general crypto library written in C++ and is used all throughout SecureIM for all crypto services. Check it out at http://www.eskimo.com/~weidai/cryptlib.html My thanks to Kwanza Humphrey who graciously designed the icons for SecureIM. Check out his other artwork at http://www.khimages.com My thanks to James Hill who answered my unending Win32 API questions. Thanks to Nullsoft for writing NSIS which is a very nice, free installer maker. Check it out at http://nsis.sourceforge.net/ And many thanks to Kelly Clement, Jonathan Wagner, James Hill, Scott Duncan, and Ryan McQuade who selflessly installed the new version and let me test it every time I recompiled :)