Posted by Nick Gammon, Australia (23,173 posts), Forum Administrator

If you are concerned about your privacy when playing MUDs there are various steps you can take.
- Obviously, talking in a room with others is not very private.
- Doing a "whisper" or "tell" is more private, but it is possible for MUD admins to snoop or log what you are saying.
- For more privacy again you can use the chat system to talk directly to someone else, thus bypassing the MUD altogether. However it is still possible for someone on the same network to snoop network packets.
For example, say you chat "see you tonight at six", then someone on the same subnet might do this:
$ tcpdump port 4050 -X -q -s 0
tcpdump: listening on eth0
...
13:40:55.199738 mypc.55587 > otherpc.4050: tcp 63 (DF)
0x0000 4500 0067 0a4a 4000 4006 1c43 0a00 0002 E..g.J@.@..C....
0x0010 0a00 0003 d923 0fd2 fd5d cf9a 002a 1275 .....#...]...*.u
0x0020 5018 1920 9d29 0000 050a 5065 7465 7220 P....)....Peter.
0x0030 6368 6174 7320 746f 2079 6f75 2c20 271b chats.to.you,.'.
0x0040 5b31 6d1b 5b33 366d 6d65 6574 2079 6f75 [1m.[36mmeet.you
0x0050 2074 6f6e 6967 6874 2061 7420 7369 781b .tonight.at.six.
0x0060 5b33 316d 270a ff [31m'..
The way to improve privacy here is to encrypt your chat sessions.
The plugin here shows a way of doing that. It assumes:
- You have made for yourself the aeslib.dll encryption DLL, based on the details presented in:
http://www.gammon.com.au/forum/bbshowpost.php?bbsubject_id=4988
- You have exchanged keys in secret with the people you want to communicate with. The method for doing this falls outside the scope of this message; however, one approach would be to exchange them in person, if possible. Another would be to use something like PGP (Pretty Good Privacy) or GPG (GNU Privacy Guard) to generate public and private keys, and use them to exchange a secret chat key.
- You have upgraded MUSHclient to version 3.58, which supports the new chat plugin callback OnPluginChatMessageOut. This lets us catch outgoing messages and encrypt them.
What this plugin does is maintain a list of people you want to chat with encrypted. At present it is a simple list (see bold text below) of chat usernames and the key you have exchanged with each of them.
The plugin callback OnPluginChatMessageOut is called for each outgoing message. If it is message type 4 (text everybody), 5 (text personal) or 6 (text group) then the user name for that chat session is looked up in the list.
If found, the message is encrypted, and sent using special message number 200 + message code (i.e. 204, 205, 206).
Then when that message (204, 205, 206) is received by the other end, the function OnPluginChatMessage detects that, and attempts to decrypt the message. On failure, an error message is displayed.
As written, the plugin will allow unencrypted messages out; however, a small change would stop that happening.
Here is the plugin code ...
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE muclient>
<muclient>
<plugin
name="Encrypted_Chat"
author="Nick Gammon"
id="af3df750c88cf6defc48799a"
language="Lua"
purpose="Encrypt chat sessions"
date_written="2004-12-10 09:25"
date_modified="2004-12-10 11:50"
requires="3.58"
version="1.0"
>
<description trim="y">
Converts chat sessions to encrypted for the users and keys nominated in the plugin.
</description>
</plugin>
<!-- Script -->
<script>
<![CDATA[
-- amend list of accepted users here (case sensitive)
-- for each user you specify the key you use to exchange messages

keys =
  {
  Nick = "swordfish",
  Peter = "tunafish",
  }

-- routine to compress, encrypt and encode a string
function compress_encrypt_encode (s, k)
  return utils.base64encode (aes.encrypt (utils.compress (s), k))
end -- compress_encrypt_encode

-- routine to decode, decrypt, and decompress a string
function decode_decrypt_uncompress (s, k)
  return utils.decompress (aes.decrypt (utils.base64decode (s), k))
end -- decode_decrypt_uncompress

function OnPluginInstall ()

  if not loadlib then
    error ("loadlib not available - " ..
           "please enable in global preferences")
  end -- no loadlib

  -- install AES encryption library
  if not aes then -- if not installed
    f, e = loadlib ("aeslib.dll", "luaopen_aes")
    if e then
      error ("Could not install Encrypted Chat plugin " ..
             "(loading aeslib.dll): " .. e)
    end -- if
    f () -- install it
  end -- if not installed already

  Note "Encrypted Chat installed"

end -- function OnPluginInstall

-- decrypt incoming messages
function OnPluginChatMessage (id, message, text)

  user = GetChatInfo (id, 2) -- find who they are

  if message >= 204 and message <= 206 then
    key = keys [user]
    if key then
      status, result = pcall (decode_decrypt_uncompress, text, key)
      if status then
        ChatNote (message - 200, result)
      else
        ColourNote ("white", "red", "Cannot decrypt message from " .. user)
      end -- bad result
      return false -- we have handled it
    end -- one of our known users
  end -- if special message

  return true -- normal processing

end -- function OnPluginChatMessage

-- encrypt outgoing messages
function OnPluginChatMessageOut (id, message, text)

  user = GetChatInfo (id, 2) -- find who they are

  if message >= 4 and message <= 6 then
    key = keys [user]
    if key then
      ChatMessage (id, message + 200,
                   compress_encrypt_encode (text, key))
      return false -- we have handled it
    end -- one of our known users
  end -- if message for everybody/personal/group

  return true -- normal processing

end -- function
]]>
</script>
</muclient>
Once installed correctly, and the names and keys are set up, an attempt to send the same message results in this in the packet sniffer:
13:53:57.331860 otherpc.4050 > mypc.55587: tcp 110 (DF)
0x0000 4500 0096 4a53 4000 8006 9c0a 0a00 0003 E...JS@.........
0x0010 0a00 0002 0fd2 d923 002a 1275 fd5d cfd9 .......#.*.u.]..
0x0020 5018 204b c755 0000 cd39 694b 526e 6547 P..K.U...9iKRneG
0x0030 4c48 3971 7779 706b 4375 584b 6454 2b38 LH9qwypkCuXKdT+8
0x0040 6447 646d 6a35 6c35 356e 4b75 7958 2f30 dGdmj5l55nKuyX/0
0x0050 3271 4131 4d75 302b 794f 4746 7667 5266 2qA1Mu0+yOGFvgRf
0x0060 452b 794b 4357 7143 3951 392f 4a46 5966 E+yKCWqC9Q9/JFYf
0x0070 3362 7977 7879 646e 6655 466a 614f 7a30 3bywxydnfUFjaOz0
0x0080 2b57 6d74 4e69 4c32 7664 4633 6246 3061 +WmtNiL2vdF3bF0a
0x0090 6f47 5567 3dff oGUg=.
You can see that the message is now encrypted (and base64-encoded). The message number shown in bold in hex has changed from 05 in the original message to CD in this message (CD is hex for 205).
We can prove to ourselves that the right key is being used by using the function decode_decrypt_uncompress described in a recent forum post.
print (decode_decrypt_uncompress ([[
9iKRneG LH9qwypkCuXKdT+8 dGdmj5l55nKuyX/0 2qA1Mu0+yOGFvgRf E+yKCWqC9Q9/JFYf 3bywxydnfUFjaOz0 +WmtNiL2vdF3bF0a oGUg=
]], "tunafish"))
-- Output:
Nick chats to you, '[1m[36mmeet you tonight at six[31m'
The square brackets are for the ANSI escape sequences which colour the message.
- Nick Gammon
www.gammon.com.au, www.mushclient.com
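Added example, not part of the original post: a Python check that reads the TCP payloads from the two tcpdump captures above and reports whether each chat frame crossed the wire as cleartext or as an encrypted 204-206 message. The framing (one message-type byte, the text, a 0xFF terminator) is read off those captures and is an assumption, as are the function names.

```python
import base64
import binascii

# TCP payloads copied from the two tcpdump captures in the post
# (everything after the 40 bytes of IP and TCP header).
PLAIN_CAPTURE = bytes.fromhex(
    "050a506574657220" "636861747320746f20796f752c20271b"
    "5b316d1b5b33366d6d65657420796f75" "20746f6e69676874206174207369781b"
    "5b33316d270aff")
ENCRYPTED_CAPTURE = bytes.fromhex(
    "cd39694b526e6547" "4c4839717779706b4375584b64542b38"
    "6447646d6a356c35356e4b7579582f30" "327141314d75302b794f474676675266"
    "452b794b435771433951392f4a465966" "336279777879646e6655466a614f7a30"
    "2b576d744e694c327664463362463061" "6f4755673dff")

TEXT_TYPES = {4, 5, 6}   # text everybody / personal / group
ENCRYPTED_OFFSET = 200   # the plugin sends 204, 205, 206 instead
TERMINATOR = b"\xff"     # assumption: last byte of each frame, as in the dumps


def split_frames(payload):
    """Yield (message_type, body) for each complete frame in a TCP payload."""
    *frames, tail = payload.split(TERMINATOR)
    if tail:
        raise ValueError("payload ends in the middle of a frame")
    for frame in frames:
        if not frame:
            raise ValueError("empty frame")
        yield frame[0], frame[1:]


def classify(payload):
    """Report, per frame, whether chat text crossed the wire in the clear."""
    report = []
    for msg_type, body in split_frames(payload):
        if msg_type in TEXT_TYPES:
            report.append((msg_type, "cleartext", body.decode("latin-1")))
        elif msg_type - ENCRYPTED_OFFSET in TEXT_TYPES:
            try:
                blob = base64.b64decode(body, validate=True)
                report.append((msg_type, "encrypted", len(blob)))
            except binascii.Error:
                report.append((msg_type, "malformed", len(body)))
        else:
            report.append((msg_type, "other", len(body)))
    return report


if __name__ == "__main__":
    for capture in (PLAIN_CAPTURE, ENCRYPTED_CAPTURE):
        print(classify(capture))
```

For the second capture the base64 body decodes to 80 bytes, a whole number of 16-byte AES blocks.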