Abstract
In the past, web-based chat application didn’t consider security as part of must-have requirement, thus many insecure examples were broken in short time after it was released. Data sniffing is one common attack that could be used to attack insecure applications because the data was transferred using an insecure medium, which is HTTP. We propose a new web-based chat application that is built based on HTML5 WebSocket technology using Socket.IO library to improve confidentiality of the messages sent between two or multiple parties. We combine it with NodeJS and Express to facilitate real-time discussion between client and server and vice versa. We also use Rijndael (known as AES - Advanced Encryption Standard) to make sure that the message stays confidential and only known by sender and receiver. To satisfy the integrity property, we apply SHA-3 hash function. By combining SSL/TLS, AES, and SHA-3 hash function, we have added multiple layer of security inside this application and no additional effort needed by the user. Based on conducted experiments, we can conclude that this application could satisfy security requirements (confidentiality and integrity), either on the client or server side.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
