Chat history encryption

Hi all,

how can we encrypt the chat messages in openfire database, for this i have downloaded archieve.jar and i put it under folder : openfire/target/plugin.

so now i am able to see chat messages in openfire database under specific tables archivemessages,archiveparticipants,archiveconversations.

under serversettings in openfireGUI / archive settings / i enabled the raido button and saved the settings.

so i am able to visble all my friends chat messages in the openfire database under table ( archivemessages ).

so my intention is how can we encrypted the chat messages in openfire database, can anyone suggest me about this issue.

is it possible to encrypt the chat messages or else there is any alternative.

reply would be appreciable

Anticipating your help

VaassDasari.

Hi,

why do you want to encrypt the messages? I assume that only the administrator has access to this table and that he does not abuse this option.

If clients are concerned about chat logging they will use p2p encryption anyway.

LG

Thanks for your reply,

k , however as per my client requirements i need to encrypt the chat messages in openfire database under archivemessages table. even admin should not able to visible chat messages. everything we should show in encrypted format. for eg: if we talk about gmail, eventhough gmail administrator have full access of database , but he not able to see the passwords,chatmessages of particular users, everything should be in encrypted format.

so , my intention is, any possibilites for this, how to encrpt the chat messages in openfire database. espeically in openfire dababase.

kindly help me about this issue.

your co-operation is higly solicited.

Thanks

Vaass

Hi Vaass,

who should be able to read the encrypted messages and what should (s)he need to read them?

When will one read them?

LG

Hi LG,

As per our discussion,

The encrypted messages should be visible by only for IM Clients ( GUI ). ie., a Openfire user who login to particular IM Client ( Eg: spark–> Only he/she opefire users , should have the access to see encrypted chat messages in IM Client ). he/she can visible all his friends chat messages. we should not set privileges to visible chat messages to Adminstrator. everything should be encrypted .

We should convert all encrypted chat messages into decrypted format and we should show all decrypted chat messages in IM Client in which he/she is a openfire database user.

Hope u got my point,

i request you to please revert to my comments.

Thanks

Vaass

Hi LG,

I am waiting for your reply, is it possible to encrypt the chat messages in openfire database, and moreover, it should decrypted and visible to IM Client ( GUI ) .we should not give privileges to admin , to decrypt the chat messages…

eagerly waiting for your reply,

Thanks

Vaass.

If only end user (in his IM client) should be able to see messages, and nobody else, then why saving them into database at all? Just remove monitoring plugin and disable message audit.

Hi Vaass,

I just re-read http://xmpp.org/extensions/xep-0136.html and I’d say that it is not possible to store the messages encrypted if you want to use this standard.

There may be an option anyhow which I can’t recommend:

Make sure that

• your clients send plain-text passwords.
• Openfire stores only the md5 hash of the password.
• Openfire uses the sha1 hash of the password to crypt and decrypt the messages.
• Openfire is used to chang passwords and that all relevant chat log columns are updated (decrypt(old-password) and crypet(new-password)).

LG

Thanks for your response LG,

Any one can tell me how can i access archived message at client side with the help of smack library. I am unable to pick up any api which can perform the required job. please share any view or any link from where i can get the solution to retrieve the chat archived at client hand.