How UniMe implement the secured end-to-end chat app

Henry
Henry
Jul 15, 2020 · 3 min read

UniMe is a universal secured chat app and AI Chatbot/Blockchain hub. This is one of the Uniworld’s applications that provides an easy way for end-users to interact with Uniworld’s ecosystem. UniMe can be used as a normal messenger application except that all chat, data, audio/videos are encrypted from end-to-end, so that only involved participants can decode and understand the content of chats, audio/video calls. Moreover, users can use UniMe to create a Chatbot or create the chatbot conservation, interact with Bot and AI systems as well as manage their blockchain/crypto wallet, smart contracts and decentralized applications. In post, let’s discovery how UniMe implement secured end-to-end chat app.

UniMe secured end-to-end chat application is implemented according to TextSecure protocol (as known as Signal protocol) . The protocol can be roughly divided into three types of stages:

  • The initial key exchange, or X3DH (extended triple Diffie-Hellman) protocol [3], which combines long-term, medium-term and ephemeral Diffie-Hellman keys to produce a shared secret “root” value.
  • An asymmetric ratchet stage, where users alternate in sending new ephemeral Diffie-Hellman keys in a ping-pong fashion with previously generated root keys to generate forward-secret chaining keys.
  • A symmetric ratchet stage, where users take no additional entropy but instead use key derivation functions to ratchet forward chaining keys to create symmetric encryption keys.

Each message sent by a user is encrypted using a fresh message key, which attempts to provide a high degree of forward secrecy. The ping-pong pattern of new ephemeral Diffie-Hellman keys inject additionally entropy into this process, which is intended to continually achieve perfect forward secrecy as well as post-compromise security

As stated above, We can divide protocol as a multi-stage authenticated key exchange protocol.

Figure 1. A tree of stages from one example execution. The content of each node is the stage name and the session key derived during the stage.

The multi-stage authenticated key exchange protocol has the following main steps:

  • Registration: At installation (and periodically afterwards), both Alice and Bob independently register their identity with a key distribution server and upload some long-term, medium-term, and ephemeral public keys.
  • Session setup: Alice requests and receives a set of Bob’s public keys from the key distribution server and uses them to set up a long-lived messaging session and establish initial symmetric encryption keys. This is called the TripleDH handshake or X3DH.
  • Synchronous messaging: (a.k.a. asymmetric-ratchet updates) When Alice wants to send a message to Bob (or vice versa) and has just received a message from Bob, she exchanges Diffie–Hellman values with Bob, generating new shared secrets and uses them to begin new chains of message keys. Each DH operation is a stage of the “asymmetric ratchet” (and strictly occurs in a ping-pong fashion).
  • Asynchronous messaging: (a.k.a. symmetric-ratchet). When Alice wants to send a message to Bob (or vice versa) but has not received a message from Bob since her last sent message to Bob, she derives a new symmetric encryption key from her previous state using a PRF. Each PRF application is a stage of the “symmetric ratchet”
Figure 2. Message flow of an example execution between two clients A and B via a server S. Notation and some operations have been simplified for clarity compared to later use.

UniMe follows the microservice architecture for better scale and management. The following picture illustrates UniMe architecture at a high level.

Figure 3. UniMe application high level architecture

UniMe has finished the first phase of development, Application is available on:
Download UniME world for IOS device.

Download UniMe world for Android device.

Uni World

UniWorld, UniChain, UniMe, Blockchain, AI