There are also likely bugs in our async implementation. Please note this library was recently deprecated. We use Anko to simplify our asynchronous code. Note that this secure messaging app is intended only to run locally on your machine, and we will not be covering how to deploy the example app to iOS or Android app stores. Prerequisitesīasic knowledge of Android (Kotlin) and Node.js is required to follow this how-to tutorial. Let's walk through and look at the important code needed for each step. If you'd like to follow along with running code, make sure you get both the backend and android running before continuing. See the README.md in each directory to see installing and running instructions. The code is split between the Android frontend contained in the android directory, and the Express (Node.js) backend is found in the backend directory. We'll use Stream's out of the box UI components to render the chat UI and Virgil to do all of the cryptography and key management. While this looks complicated, Stream and Virgil do most of the work for us. Virgil verifies the message is authentic by using the sender's public key. When the message is received, app decrypts the message using the Virgil and this is passed along to Stream's UI components. The receiving user decrypts the sent message using Virgil.Stream receives ciphertext, meaning they can never see the original message. The message is relayed through Stream Chat to the receiver. Before sending, the app passes the receiver's public key to Virgil to encrypt the message. The user types a message and sends it to Stream.The app asks Virgil for the receiver's public key.Once the user decides who they want to chat with the app creates and joins a Stream Chat Channel.The private key is stored locally, and the public key is stored in Virgil. This generates their private and public key. The user's app requests a Virgil auth token from the backend and registers with Virgil.The Android app creates a Stream Chat Client for that user. The user's app requests a Stream auth token and API key from the backend.A user authenticates with your backend.To accomplish this, the app performs the following steps: Stream's Messaging API will only see ciphertext, ensuring our user's data is never seen by anyone else, including us. Decryption and verification will both happen in the receiver's device. Our outcome will encrypt text on the device before sending a message. To build this app, we'll mostly rely on two libraries, Stream Chat Android and Virgil Security for Kotlin. Building an Encrypted Chat Messaging Application In essence, even if a malicious person gained access to the database containing the messages, that person would only see encrypted text, called ciphertext. No one in your company, nor any cloud provider you use, can read these messages. With Virgil's Android SDK, developers can securely create, store, and provide robust end-to-end encryption.ĭuring this tutorial, we will learn how to build a chat app that uses Virgil's encryption/decryption platform to prevent anyone except the intended parties from reading messages. Virgil Security is a vendor that allows developers to create end-to-end encryption via public/private key technology through the use of their robust and secure encrypted messaging service. To enable this, the messages that are sent are encrypted before leaving a user's device, and can only be decrypted by the intended recipient (end-user). What Is End-To-End Encrypted Messaging?Įnd-to-end encrypted messaging means that the users within that specific chat can only read messages sent between two people. Additionally, before jumping into this tutorial, I recommend checking out our Android in-app messaging tutorial, which will walk you through how to implement Stream Chat from a high-level overview. Note that all source code for this example Android app is available on GitHub. The example app embeds Virgil Security's eThree Kit – a secure encrypted messaging platform – with Stream Chat's Android components. These two services allow developers to integrate chat that is zero knowledge to your backend or Stream. Stream and Virgil make it easy to build a solution with excellent security by combining all of the features you would expect as a developer when creating a messaging app. To do this, we will combine the Stream Chat Platform and Virgil Security. In this tutorial, we'll build an encrypted chat/messaging example app for Android.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |