Secure messaging app for Android. Uses Google Cloud Messaging (GCM) as device to device transport (no backend required, other than GCM, of course).
Work in progress, currently can register new contacts with QR code scan and can send and receive messages. Need to add to conversation and contact management. See other TODOs below.
- AndroidKeyStore: To store the user's KeyPair
- ZXing: Coding and decoding QR codes into contacts for exchanging contact addresses
- gcm-server.jar: used to send push messages device to device
- ContentProvider/SQLite: persist contacts and messages, messages stored encrypted
- Symmetric Encryption (AES): used encrypt/decrypt message text
- Asymmetric Encryption (RSA): used to encrypt/decrypt symmetric key with public/private key pair
- Message Signature (SHA512withRSA): ensure message originated from specific key pair
Click image for larger view.
- Security review
- Delete contact(s)
- Unread messages on contact list not reading data store
- Conversation UI need a design
- Optionally add Contact when receiving message for unknown contact
- Explore other ways to exchange public keys and GCM IDs current can only exchange via QR code
- Explore other ways to transport messages, currently uses Google Cloud Messaging (GCM)
- New logo, current one doesn't play well on dark wallpapers