Hi @dustball,

Summary

A PRNG is an algorithm used to produce random-looking numbers with certain desirable statistical properties. In order for a PRNG to be cryptographically secure it must be resistant to prediction.

secretchat.site currently uses Math.random() as a pseudo-random number generator which is not a cryptographically secure PRNG.

The PRNG is implemented in room.php when generating an IV as follows:

function make_iv() {
        var text = "";
        var possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
        for( var i=0; i < 16; i++ )
          text += possible.charAt(Math.floor(Math.random() * possible.length));
        return text;
}

Link to source code: https://github.com/dustball/secretchat.site/blob/master/www/room.php#L234-L240

The PRNG is again implemented in index.php to generate salts:

function make_salt() {
  var text = "";
  var possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
  for( var i=0; i < 16; i++ )
    text += possible.charAt(Math.floor(Math.random() * possible.length));
  return text;
}

Link to source code: https://github.com/dustball/secretchat.site/blob/master/www/index.php#L94-L100

How can this be fixed?

You could either implement a CPRNG from a library or use the Web Crypto API.

Best regards,
Ed

The following comment claims that you do not use Google analytics in the production version, but as far as I can tell you have deployed this page without removing the analytics code snippet:

// production version will not have google analytics

https://github.com/dustball/secretchat.site/blob/master/www/index.php#L111

<?php

if (!$_SERVER['HTTPS']) {
  header('Location: https://secretchat.site/');
  exit;
}

You should just force HTTPS on the site and use a sameorigin header and it'd be better.

Please consider removing third party tracking software. You are better off including any necessary fonts, stylesheets, scripts, etc., in the project source.

https://secretchat.site/room/ gives a status code of 200
and
https://secretchat.site/TEST/ gives a status code of 404

I'd suggest if someone directly accesses something, you execute some server-side code.
Such as, anything that would be 403 should route to 404. Then the 404 page should have something like this:

<?php
http_response_code(404);
?>

Which makes it harder to tell whether something is truly not there, or forbidden.

Right now your IP is out in the open to anyone who pings or accesses the site. Are you worried about a DDoS or other attack on your server?

Couple issues.

1. You're using input for the room and just wrapping it in a sha1 function.
2. What exactly are you using to "encrypt" conversations, and why do users not have access to their own keys ( and preferably, can generate their own )?
3. Why does "password" need to equal the sha1 hashed room name? What's password even for?