The Hardware Side of Cryptography

8 June 2013

PONDOH : A simple voice chat application

Filed under: Uncategorized — edipermadi @ 1:00 am

During my trip from the office to my house, I was thinking about a simple Linux-based secure voice call application. Say A and B want to talk to each other over a virtually private communication line across the net. The software is built entirely out of open source libraries: a voice compression library (Speex), multi-precision math (GNU Multi Precision library), a packetizer (Ogg), an audio interface library (JACK), and Python GTK as its UI. The ciphering side would be done using AES 256.

Here is the big picture: two clients connected to each other through a server.


The block diagram of each client.


Finally, this is the prototype of the binding and call initiation scheme.

Client A and B Setup:

1. Client A opens a connection to server S
2. Server S accepts the connection from client A
3. Client A sends a BIND PDU that contains its own user_id, say user_id_A
4. Server S returns RSA_8192((random_A | random | key_expiration | transport_key_A), public_key[user_id_A])
5. Client A sends AES_256(RSA_8192((random_A | random | password_A), private_key_A), transport_key_A)
6. Server S verifies that tbl_password[user_id_A] == password_A and that the sent random_A == the received random_A. Close the socket if verification fails
7. Server S marks user_id_A as associated with transport_key_A

Call setup:

1. Client A sends AES_256(LIST_USER pdu, transport_key_A)
2. Server S returns AES_256(TLV_connected_user_ids, transport_key_A) to client A
3. Client A verifies that user_id_B is on the list, drop if failed
4. Client A sends AES_256(CALL_REQ(user_id_B), transport_key_A)
5. Server S sends AES_256(CALL_IND(user_id_B), transport_key_B) to client B
6. Client B sends AES_256(CALL_RSP(user_id_B), transport_key_B)
7. Server S sends AES_256(CALL_CNF(user_id_B), transport_key_A) to client A
8. Client A sends AES_256(RSA_8192(CHALLENGE_USER(rand_call_A), public_key_call[user_id_B]), transport_key_A)
9. Server S sends AES_256(RSA_8192(CHALLENGE_USER(rand_call_A), public_key_call[user_id_B]), transport_key_B) to client B
10. Client B verifies that rand_call_A is valid and sends AES_256(CALL_DROP, transport_key_B) if verification fails
11. Client B sends AES_256(RSA_8192(CHALLENGE_USER(rand_call_B), public_key_call[user_id_A]), transport_key_B)
12. Server S sends AES_256(RSA_8192(CHALLENGE_USER(rand_call_B), public_key_call[user_id_A]), transport_key_A) to client A
13. Client A verifies that rand_call_B is valid and sends AES_256(CALL_DROP, transport_key_A) if verification fails
14. Client A sends AES_256(voice_chuck_A, transport_key_A)
15. Server S sends AES_256(voice_chuck_A, transport_key_B) to client B
16. Client B sends AES_256(voice_chuck_B, transport_key_B)
17. Server S sends AES_256(voice_chuck_B, transport_key_A) to client A
18. Either Client A or client B sends AES_256(CALL_DROP, transport_key_X)
19. Server S forwards AES_256(CALL_DROP, transport_key_Y)

1. Client A holds CALL_PUBLIC_KEY of Client B and vice versa
2. Each client holds its own CALL_PRIVATE_KEY and AUTH_PRIVATE_KEY
3. Server S holds all AUTH_PUBLIC_KEY of all clients
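
The call-setup steps above have server S open each PDU with the sender's transport key and re-wrap it for the receiver. The following symbolic model is an added example, not code from the original design: it uses no real cryptography, and the function and key names (`aes`, `rsa_to`, `call_private_key_A`, ...) are labels assumed for illustration. It replays steps 8 to 17 and reports what each party can read off the wire.

```python
# Symbolic model of the call-setup messages: terms are tuples, no real crypto.
# Key names below are labels for this example, not identifiers from any library.

def aes(payload, key):
    return ("enc", key, payload)            # readable only with `key`

def rsa_to(payload, private_key):
    return ("enc", private_key, payload)    # readable only with that private key

def read(term, keys):
    """Atoms a party holding `keys` can recover from `term`."""
    if isinstance(term, str):
        return {term}
    _, key, payload = term
    return read(payload, keys) if key in keys else set()

def relay(term, keys, out_key):
    """Server step: strip the sender's AES layer, re-wrap for the receiver."""
    _, key, payload = term
    if key not in keys:
        raise ValueError("server cannot open this message")
    return aes(payload, out_key)

KEYS = {
    "A": {"transport_key_A", "call_private_key_A"},
    "B": {"transport_key_B", "call_private_key_B"},
    "S": {"transport_key_A", "transport_key_B"},   # issued by S during BIND
    "eavesdropper": set(),
}

def run_call():
    """Replay steps 8-17 and return what each party can read off the wire."""
    from_a = [aes(rsa_to("rand_call_A", "call_private_key_B"), "transport_key_A"),
              aes("voice_chuck_A", "transport_key_A")]
    from_b = [aes(rsa_to("rand_call_B", "call_private_key_A"), "transport_key_B"),
              aes("voice_chuck_B", "transport_key_B")]
    to_b = [relay(m, KEYS["S"], "transport_key_B") for m in from_a]
    to_a = [relay(m, KEYS["S"], "transport_key_A") for m in from_b]
    wire = from_a + from_b + to_a + to_b
    seen = {}
    for who, keys in KEYS.items():
        seen[who] = set().union(*(read(m, keys) for m in wire))
    return seen

if __name__ == "__main__":
    for who, atoms in run_call().items():
        print(who, sorted(atoms))
```

In this model the relay recovers both voice streams but not the `rand_call` challenges, which stay wrapped under the peers' call keys; a party holding no keys recovers nothing.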

Anyway, I’ll name it “pondoh”, a tasty breed of salak fruit 😀

