CrypTweet: Experimental Twitter Encryption

CrypTweet is a collection of Python programs designed to work together, using RSA public-key cryptography so that anyone can send you an encrypted direct message (DMs), but only you can read it.

After the treatment that Jacob Appelbaum and others have had at the hands of the the government of the United States of America, it has become clear that Twitter users require a secure communication channel; one that, even when subpoenaed, would not easily give up its secrets.

The solution is obvious: strong encryption.

IMPORTANT: CrypTweet Security Flaws Identified

After CrypTweet's release on 20 February 2012, a number of people have examined the code, and have indicated that it has security flaws. The flaws identified thus far are:

• No explanation of the internal operations of CrypTweet;
• No HTTPS access for the public-key server;
• Utilization of SHA384 for hashing of passwords used to protect the private key;
• Utilization of poor DES3 parameters for encrypting the private key;
• Utilization of RSASSA-PKCS1-v1_5 for signing, rather than RSAES-PKCS1-v1_5.

This means that CrypTweet, in the words of one reviewer, is 'a toy'. It does not provide real security, just the illusion of security.

CRYPTWEET IS NOT SUITABLE FOR SENSITIVE USES.
IT IS AN EXPERIMENT.

With the assistance of the cyptographic community, I hope to correct the identified shortcomings in the next version of CrypTweet. Cryptographic software is neither easy to design nor review, so it may be some time before CrypTweet is deemed appropriate for securing sensitive information. That is the eventual goal.

CrypTweet is distributed under the MIT License, a very permissive, GPL-compliant, open source license. Please use it, reuse it, and fork it as you see fit!

I am deeply indebted and dependent on the fine folks who wrote the bottle, RSA, pyDes, twitter and pyasn1 modules. This work would not exist without theirs. Many thanks to my long-suffering alpha testers: kcarruthers, RealNickHodge, stilgherrian, danoot, wyld, ZenPsycho, sylmobile, rossdawson and embee.

This work was funded in part by a generous grant from the Shuttleworth Foundation, which was engineered by the very busy and creative Paul Gardner-Stephen. I am indebted to both.

@mpesce - last updated 21 February 2012

Frequently Asked Questions

Coming soon!

If you want to install CrypTweet on multiple computers, you must migrate your public and private keys. There will be tools to do this -- but they aren't finished yet. For now, go into your home directory, and look for the two files:

• .cryptweet-pubkey-pem
• .cryptweet-privkey-sec

Copy these two files to the home directory of the machine you plan to install CrypTweet upon. Run python ctsetup.py on the new machine. The setup will use the existing keys, but you will still have to authorize that machine to read your Twitter Direct Messages.

You may notice that a single direct message becomes 3 encrypted direct messages. This is because the RSA key size is 3072 bits (384 characters) in length - which makes it very secure. All encyrpted messages are that size. That's three direct messages, so a direct message, when encrypted, is transmitted as three that are reassembled by the receiver before being decrypted.

CrypTweet is really intended to be running entirely within your mobile. While an Android port is underway, CrypTweet already has been tested on the Nokia N9 (running Meego, a flavour of Linux), and works flawlessly.

If you have a jailbroken iPhone or iPad, you can install CrypTweet, but it requires a newer version of Python than is available from the Cydia package manager. Here's a link to an iOS version of Python 2.6.5 - ideal for running Cryptweet. Once it's correctly installed, you can install CrypTweet just as you would on any other computer, and it'll work.

Word of warning: Even on an iPhone 4S, decryption is not terribly fast. And all that math sucks down the battery quickly.

If something dies on you - and it probably will, this is brand new software, do me a favor and mail a bug report to mpesce@plexusproject.org. If you get a Python stack trace (assuming you know what that is), send it along in the body of the email it will really help me solve problems more quickly.

All reports, suggestions, new uses, comments, improvements are welcome!

• I've typed my passwords in correctly, but it says they're wrong!
  This is a known bug, which seems to affect Windows 7 systems. We think we have solved it, but if you see it, the current workaround is to delete your public and private keys, then rerun python ctsetup.py, using new, shorter, and less weird password characters.
• CrypTweet says it can't find the public key for another Twitter user!
  If you don't have a local copy of another user's public key, CrypTweet will go out to the public key server to request a copy of the key. If the user you want to send a CrypTweet to has not setup CrypTweet on their computer, they will not have generated and uploaded a public key to the keyserver, so there won't be a key to use for encryption.

  If you know for sure the user has set up CrypTweet, check the spelling of the user's Twitter username. Those usernames are case-sensitive in CryptTweet, so "Mpesce" does not equal "mpesce".

Installing CrypTweet

First, you will need a computer with a Python interpreter (version 2.6 or greater, but not Python3, download here). Cryptweet is designed to work with a basic Python installation. No additional packages are necessary, because CrypTweet comes with 'batteries included'.

Next, download Cryptweet (current version 0.03):

• cryptweet.tar.gz (for Linux/OSX) SHA256: 389eb47cf59d013e30e7a58dee6231cb2bc7d9436eafd3ae1f0fb6bd93a00f53
• cryptweet.zip (for Windows 7) SHA256: b9af5364fc54e68844b642ec8e2dac410c8391dcabcbfce90d0e150604bb1dbd

This is the only legitimate download site for CrypTweet.

Once you've downloaded the file, expand it. It will become a directory named 'cryptweet'.

Open a terminal on your computer - this is Terminal.app on OSX, or cmd.exe on Windows. From the terminal, traverse to the cryptweet directory. Once there, type the following command:

python ctsetup.py

When you hit return, CrypTweet will begin to run its setup. This setup does a few important things:

• CrypTweet will attempt to establish Twitter credentials. Cryptweet will probably launch your browser - or launch a URL if your browser is already open. You may be asked to sign into Twitter. You will be asked whether you want to give CrypTweet access to your Twitter account.
  
  When you agree to do so, Twitter will display a 7-digit number.
  
  Write this number down. Go back to the terminal. When the terminal asks you to enter this number, type it in and hit return.
  
  This will give CrypTweet the authorization it needs to send encrypted DMs on your behalf.
• Next, CrypTweet will generate an RSA keypair for public key cryptography. A keypair has two halves, the public key - which can be shared freely - and a private key, which must be kept securely. This is very important: if anyone else gets a copy of your private key, they will be able to decode your messages. While CrypTweet makes it difficult for others to get at your private key, anyone who has access to the files on your computer could conceivably get a copy of your private key. For this reason, the private key is stored in encrypted format. You must use a special four-word password every time you want to decrypt something with your private key. You will be asked to create this password - four words of any length - and then you will be asked to confirm your password by entering those words (one at a time) once again. Once you've confirmed your password, the keypair is created and stored to your computer.
• Finally, a copy of your public key is sent to the CrypTweet public key server, so that anyone who wants to commuicate with you can do so without needing a copy of your public key. If they don't have your public key, they'll ask the server to send them a copy, which they can then use any time they want to communicate with you.
  IMPORTANT: If you have a protected Twitter account, the keycatcher will not be able to read your shared key. You will need to unprotect your Twitter account, run the setup, then protect your account again.

Once the setup has finished, you're ready to send and receive encrypted direct messages.

Using CrypTweet

CrypTweet comes with its own web service, which allows you to both read and send encrypted messages from within your favorite web browser. On Linux or OSX, start the web service by typing the following onto the command line:

python ct.py

In a few moments, the web service will start, and the command line prompt will return.

On Windows 7, type

python ctwww.py nodaemon

When you hit enter, the web server will start up. It will send messages to the command window until you shut it down - with a Control-C.

At this point, fire up a web browser and go to http://localhost:8080/

If everything is working, you should see something that looks like this:

We'll start by sending an encrypted Direct Message. Click on the "Send Message" area, and you will see a screen requesting a Twitter username for the recipient of this Direct Message:

Enter the Twitter user name of the recipient - note that this is CASE SENSITIVE, so make sure you type it in exactly as it appears in Twitter. Submit the name, and you'll then be presented with a text box where you can type in the message:

Hit submit, and CrypTweet will send the encrypted Direct Message off to the recipient. Once the message has been transmitted, return to the home screen. Now we'll read any encrypted Direct Messages that others have sent us. Click on the "Read Messages" area, and you'll now be challenged for the four passwords you set up earlier:

Select whether you want to get the last few encrypted direct messages (if any), or whether you want to read a lot of them. It takes a lot of time to do the decryption on messages, so the more messages you want to read, the longer you will be waiting for those messages to appear. When you hit the "Submit" button, CrypTweet will go away for a while - as long as a minute or more - as it reads the Direct Messages in, decrypts them, and builds page with the decrypted messages. Be patient. Eventually you'll see the messages:

To shut down the CrypTweet web service on Linux or OSX, type the same command which started it:

python ct.py

On Windows 7, use a control-C keypress within the command window to stop the web service.

That's it. If you can master this, you can use CrypTweet!

While the default settings for the CrypTweet web service will work for most people, some folks already have web services running, and CrypTweet might conflict with that service. If this is the case, there are two command line options which might help you resolve those conflicts.

python ct.py [-p portnumber -n hostname]

You can provide any valid portnumber and hostname on the command line, and the web service will attempt to use them. If the web service finds a conflict, use different settings and try again.

For example, if you wanted to use port 8085 on host plexusproject.org, this is the command you would use:

python ct.py -p 8085 -h plexusproject.org

You would then point your browswer to http://plexusproject.org:8085/ to use the CrypTweet web service. This means that you could run CrypTweet on a machine other than the one under your fingertips, accessing your encrypted direct messages remotely, but this is a huge security risk (because someone could tap into the network and read the decrypted messages) and is NOT RECOMMENDED.

To send an encrypted direct message, go to the terminal and type:

python cttx.py [-u username -f -m "Message text"]

The program will ask for the Twitter username of the recipient. If you do not have a public key for that user, the program will ask the keyserver for that user's public key. Once you've got the key, the program will ask you to type the message you'd like to send. Keep it to 140 characters - the program will trunate messages longer than that. When you're finished, hit return and the program will encrypt your message and send it off to that user.

NOTE: If the recipient is not following you, you will not be able to send the message.

As an experiment, try sending an encrypted message to yourself:

python cttx.py
Twitter Username of Recipient: mpesce
Message to encode: This is a test of Cryptweet. Hope it works!

You can provide the username on the command line, and even the entire text of the message to be encrypted, so the entire command can be automated within a script. If you want to force a lookup of a user's key from the public keyserver, use the -f flag. That's good if someone has changed their private key -- without the new public key they won't be able to read encrypted messages you send them!

To receive your encrypted direct messages, go to the terminal and type:

python ctrx.py [-p1 password1 -p2 password2 -p3 password3 -p4 password4]

If there are any encyrpted direct messages to be decoded, the program will ask for the four-word password you created during the setup process, using those passwords to unlock your private key. Once unloked, the private key is used to decrypt your messages. For example, if you sent a message to yourself as above, it might look like this:

python ctrx.py
Password One:
Password Two:
Password Three:
Password Four:
mpesce: This is a test of Cryptweet. Hope it works!

The program displays the username of the sender followed by the decoded text.

You can include any or all of the four passwords on the command line. CrypTweet will ask for the passwords that have not been supplied.

Note: Putting passwords in a script saves typing, but makes your private key much less secure. Do this at your own risk.