A cryptographic approach for secure client-server chat application using public key infrastructure (PKI)

As chat applications grow in popularity, they bring security problems with them. A variety of authentication mechanisms and encryption methods between server and client have been proposed and applied, both in the literature and by commercial companies, to minimize these growing security problems. In this study, various security measures for instant messaging applications are considered; a Java-based client-server chat application developed by Professor Dan Boneh [1] and his assistants at Stanford University has been made secure, and a secured chat application model with three steps has been developed. In the first step, the server identifies itself to the certificate authority, and a password authentication procedure is performed to identify the client to the server. The second step is called connection; in this step the client connects to the chat room via a ticket granting ticket (TGT) request. In the third step, also called encrypted messaging, messages written by clients are sent to the server encrypted with the symmetric encryption method Advanced Encryption Standard (AES). The source code of this application is accessible to everyone from reference [9].

[1] Jie Wang, et al. Computer Network Security, 2009.

[2] Radia J. Perlman, et al. Network security - private communication in a public world, 2002, Prentice Hall series in computer networking and distributed systems.

[3] John E. Canavan, et al. Fundamentals of Network Security, 2012.