logo
Hidden Conversations V3 Back to Home Page



Ever wonder who might be listening to your online conversations. Aside from all the possibilities with Social Media sites, your email is anything but private. And it doesn't matter if you are using TSL (Transport Layer Security). This security system is only for the transport layer, and does not cover storage. And even if the messages get stored encrypted, guess who controls the Encryption/Decryption. Your only way around it is to encrypt the message before you send it, and the person at the other end must have the decryption key. And if you are using central storage for your messages (AKA Cloud computing), the encrypted message is always available for someone to try and figure out the key.

Hidden Conversations is a 2 part private messaging system with built in encryption/decryption. There are 2 basic types of cryptography. The first utilizes Asymmetric Keys. Asymmetric Keys use a Public Key at one end for encryption, and a Private Key to decrypt it at the other end. Because the Public Key is well.... public, it has to be relatively large to prevent hackers from figuring out the Private key. As of the end of 2013, the IETF is recommending a key length of 2048 bits/256 bytes, and most big organisations have already moved to 2048 bits. The big advantage of using Asymmetric Keys is they allow for confirming the holder of the Private Key by verifying a message encrypted with the private key, and decrypted using the public key.

Symmetric keys on the other hand can be much shorter and more efficient because they are unique for each session and shared by both sides. To give you an idea, an RSA 1024-bit asymmetric key is considered roughly equal to an 80-bit symmetric key. TLS actually uses both types. Public/Private keys are used to negotiate a Symmetric or Session Key. The Session Key in TLS is 384 bits/48 bytes, so it should be around for a while.

Hidden Conversations takes it one step further. The Symmetric key is different for every packet. In that way, we can use even shorter Symmetric keys. Version 1 used a password to start the conversation, so both ends used the same password. Version 2 used a Public/Private key pair to start the conversation, and added a header to allow longer packet lengths. It also added password protection to start the program, which Version 2.5 expanded on with password encryption.

Versions 1 & 2 would not work with Windows systems using a character set other than Latin (such as Chinese or Arabic). Version 3 has replaced the cSocket2.cls with a slimmer and faster NewSocket.cls, and clsCrypto.cls has been updated. Version 3 is now Unicode compatible. It is NOT Unicode compliant. Version 3 uses a 2048 bit Public/Private Key Pair to initiate the conversation, and packets are structured with a record length.

Hidden Conversations consists of 2 programs, a host or server program called HConSvr.exe, and a client or remote program called HConCli.exe. The host program listens for a connection on the TCP port of your choice, and on the first attempt will prompt you for a password. The Host program starts minimized, and will resize to a normal window when a connection is made. When the connection is lost, it is minimized again and waits for a new connection.

The Client program has a different starting window, although the communication window is very similar to the the Host window.

Clicking on the Connect button with the appropriate destination address, port, and key will cause the communications window to open and attempt to connect. Then type your messages and await the replies. It's as simple as that.

NOTE: The Cryptography routines will probably work on all versions of Windows, but the TCP/IP portion of the program will only work on dual stack systems that support both IPv4 and IPv6. This more or less restricts it to Windows Vista or later. IPv6 has not been enabled or tested as yet, due to lack of a true IPv6 network.

Back to Top


| Home Page


address