Tuesday, September 26, 2017 14:42

C++ Elgamal / IDEA Encrypted Port Forwarding

This is basically a multithreaded SSH clone written in C++, which I call “eglink”. It uses port forwarding over an established and encrypted channel to receive, encrypt then send data and visaversa on the opposite end. This is probably the most useful and efficient program I have ever made, as it has some extremely nice encryption schemes that make data transfer very fast (in fact, the same speed as normal, slowed only by the encryption process), and it has a HUGE number of potential uses.

Such things as blocked ports or protocols are a thing of the past as we can now port forward data over an arbitary port, and all data that is henceforth transfered is heavily encrypted. Furthermore, nc can now be a highly secure remote terminal session simply by piping it through eglink (this is true for ANY network program, they can all be highly secure by piping it through eglink).

Technical details of how it works are this:

Both listening and connecting eglinks wait for an incoming connection. The listening eglink runs on a server expecting incoming connections, and the connecting eglink waits for outgoing connections. The listening waits for an incoming encrypted connection, and the connecting is waiting for a nonencrypted connection.

Once the connecting eglink receives a connection from program A, it initialises a thread that connects and establishes a connection to the listening eglink, on the other end of the wire. The establishing of the connection works like so:

First it shakes hands and asks the listening eglink for it’s Elgamal public key. The public key itself has been generated using an initial prime in teh range of 10^350 to 10^400, which is considered secure in modern cryptography.

Once the public key is received, a random and temporary IDEA key is generated randomly through the use of /dev/random and sent encrypted using the public key.

Server side, the IDEA key is decrypted using the private key and then stored for the remainder of the session. From this point forward, all data to be sent encrypted is padded to be %8 == 0, then sent using IDEA encryption (which returns equally sized ciphertext from plaintext).

The connection has been established, so now the listening eglink creates a nonsecured connection to a listening host:port of choice running program B. Data is then transparently transfered between programs A and B and is fully encrypted when travelling between the eglinks. If eglinks are running locally on both computers, the data is encrypted for the entirety of its transfer.

‘eglink’ supports multiple connections and is stable in the case of sudden and unexpected disconnections or timeouts, in which case it cleanly closes the sockets and exits the forwarding thread.

Sample output for a listening eglink, to a `nc -l -e bash -p 4444`:

# ./eglink -h 127.0.0.1 -p 4444 -l 3333 -L

Listening for encrypted exchange connections on 3333
Encrypted exchange connection from 127.0.0.1:29635
Making plaintext connection to 127.0.0.1:4444…
…Done.
Shaking hands…
…Done.
Sending Public Key…
…Done.
Receiving IDEA Key…
…Done.
Connection Accepted, creating a 2 way forwarding thread
Port Forwarding Initialised: 127.0.0.1:29635  <—>  127.0.0.1:4444
Listening for encrypted exchange connections on 3333

Once the connection is terminated, the following output is seen:

Port Forwarding Terminated: 127.0.0.1:29635  <-/->  127.0.0.1:4444

From the connecting eglink, for which we were using `nc 127.0.0.1 1234`:

./eglink -h 127.0.0.1 -p 3333 -l 1234

Listening for unsecured connections on 1234
Plaintext connection from 127.0.0.1:54492
Making encrypted exchange connection to 127.0.0.1:3333…
…Done.
Shaking hands…
…Done.
Receiving Public Key…
…Done.
Sending IDEA Key…
…Done.
Connection Accepted, creating a 2 way forwarding thread
Port Forwarding Initialised: 127.0.0.1:3333  <—>  127.0.0.1:54492

*….. data is transfered for some time, no output shown….* Again once if the socket is closed or on either end malfunctions, the following is recevied:

Port Forwarding Terminated: 127.0.0.1:3333  <-/->  127.0.0.1:54492

Each step is checked and any inconsistencies result in forwarding termination. Each eglink may be used and reused, by single or multiple connections at once, making it an extremely versatile program.

The download will be up shortly.

3 Responses to “C++ Elgamal / IDEA Encrypted Port Forwarding”

  1. Thomas Davis says:

    Nice, reinventing the wheel

  2. robin says:

    Why thank you. Reinventing the wheel is sometimes useful in allowing one to understand its subtleties =P

  3. James says:

    Awesome blog!!!!!! By any practical definition of the words, foolproof and incapable of error!!!!!

Leave a Reply