Q: What exactly is an IRC server? And what about channels?

A: CryptoChat uses the IRC system as the 'backbone' of its communications. Essentially, IRC (which stands for Internet Relay Chat) is a series of servers across the internet which host a multitude of channels for users to talk in. In the conventional sense, people use IRC in the same way as they might an internet chatroom - it is designed for communicating between multiple users. However, anyone can see what you are discussing on an IRC channel. Hence the idea behind CryptoChat.

There many different IRC networks which host channels, and these are made up of lots of servers located around the world. It it worth remembering that the channel #cryptochat on one network is not equivalent to the same channel on another network. All channels are prefixed by a hash symbol (though if you don't include one in CryptoChat the program automatically adds #cc to the start).

Q: So what server and channel should I use?

A: There isn't really any restriction on what setup you use, though as CryptoChat was designed and tested primarily with Freenode (irc.freenode.net), this is probably the best one to use. With regard to channels, you will want to pick a channel name which is not currently in use. If you enter a channel name which is already in use by non-CryptoChat users (for example, #music), then you will not be able to authenticate and so the encrypted chat will not work. Choosing a channel name like #mychannel34, for example, is probably a safe bet.

Of course, if you join an existing channel and leave the authentication key blank, then you can use the program just like a normal IRC client.

Q: Does it matter what my username is?

A: Not really, but you have to have a unique username (alternatively referred to as a 'nick') within the network. This rules out most common usernames like 'user1' or 'hello', but on the other hand usernames such as 'myname75' are likely to be available. If you do choose a username which is either in use or is registered, you will receive a message when you connect, and will either have to reconnect with a different username, or change your username from within the program (see below).

Q: Can I use my normal IRC nickname?

A: Yes. If you have registered your nick with a particular network's nickname registration service, then you can include your password in the CryptoChat setup file, setup.ini (it is the AUTHPASS entry in this file).

Q: What is the purpose of the setup.ini file?

A: If you open up setup.ini, you will see several different options for the CrpytoChat IRC connection. This file is primarily for specifying the default options when CryptoChat displays the Connection dialog (such as server, port, channel, username, authentication key and so on). There is also an option called AUTOCONNECT which will bypass the connection dialog and connect automatically if its value is set to 1. Of course, you need to specify all the connection details in the setup file for this to work.

There is another option called DESTROYAFTER, which is essentially a self-destruct feature for the setup file. If you set this to 1, once CryptoChat has connected successfully, it will delete the setup file. This is especially useful if you have included the authentication key in the setup file and only want the user to be able to connect once.

You can also set a value for MAXUSERS, which determines the maximum number of authenticated users permitted on the channel. This means that if the number of users specified by this option have already joined the channel and have authenticated successfully, then any further users who join will not be able to take part in a key exchange, regardless of whether their authentication key is valid.

Q: What is the authentication key for?

A: Without a means of authentication, you have no way of knowing that the person you are communicating with using CryptoChat is who they say they are. CryptoChat uses the Diffie-Hellman protocol to exchange the channel key with another user; this method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. The only problem is that you have no way of knowing who the person you are sharing the key with actually is.

The solution is to provide some form of authentication. CryptoChat uses a form of Password-authenticated key exchange, whereby each user knows a password (called the authentication key) which is used to encrypted part of the key exchange. Only if the authentication keys match does the resulting key turn out to be correct.

The authentication key doesn't really have to be as secure as a normal password, as the only attack on it is going through all the possibilities and seeing if the key exchange is successful. Given that you can only realistically send 1 message a second over IRC without getting disconnected, the time this would take is incredibly long (just over 5 days to try all the possibilities for an authentication key made up of 4 lower case alphabetical characters!). If you just want a one to one conversation, then by setting MAXUSERS to 2 in the setup file, you further reduce the need for a strong authentication key, as once you have both joined it doesn't matter if anyone else knows it; CryptoChat will ignore any further authentication requests.