Chat rooms and instant messaging software allow users from around the world to send and receive messages in real time. Unfortunately, messages sent through chat and IM software aren't always secure. If someone intercepts messages or gains access to a chat room or IM program's archive, that person can potentially read every message that has been sent. Some users turn to data encryption to keep their conversations private.
The Internet relay chat protocol, commonly referred to as IRC, is a widely used instant messaging protocol that allows users to connect to a central server and engage in real-time conferences. To allow these users to send files and other data securely through IRC, some IRC clients such as the multiplatform KVIrc client and the OS X-native Colloquy feature client-to-client encryption. Using a connection type known as a "secure direct client-to-client" connection, data is encrypted as it is sent from one IRC client and then decrypted by the other client. This results in faster encryption because messages are encrypted only during transit, but offers no security for archived messages.
Most chat room administrators have the option to add an encryption feature to their chat rooms. They set up a secure socket layer connection between the server and Java-based chat room software such as the AddonChat chat software by AddonInteractive or the Rijndael Chat Client created at Cornell University. This encryption affects messages within the chatroom as well as any archived messages on the server; no one other than registered users and administrators can gain unauthorized access to the chat messages. The primary disadvantage of this encryption type is that the encryption occurs only on the server, providing no encryption for data on the users' computers.
Website-affiliated instant messaging programs such as Yahoo Messenger, Windows Live Messenger and Google Talk are the most commonly used instant messaging platforms, but other options are available. Users who want a secure instant messaging experience may prefer alternate messaging software such as the Windows-only X-IM or the multiplatform BitWise IM, which offer chat encryption for added message security. Depending on the program used, messages sent through these alternate instant-messaging programs feature 128-bit or 256-bit encryption to protect private conversations. The main advantage of these programs is that they typically encrypt messages at the point of creation, ensuring that the message remains encrypted both during transit and in message archives. However, both users involved in the conversation must use the same messaging software for the encryption to work properly; this can be inconvenient and is not always possible if one user cannot download or install the messaging program.
Plugins and Encryption Software
Even though specific instant messaging programs and chat platforms may not offer encryption features, in some cases it is possible to add encryption in the form of a software plugin or external program. Plugins such as the FiSHy plugin for Colloquy and the Pidgin-Encryption plugin for the multiplatform chat application Pidgin enhance existing encryption methods, add new encryption options or provide encryption to chat programs that don't natively offer message encryption. External programs such as Secway Global's Windows-based SimpLite and SimpPro programs can be used to encrypt messages on other messaging programs that don't offer native encryption. Both plugins and external programs typically encrypt messages before they are transmitted, resulting in a secure chat experience because the messages are encrypted in archives as well. Because of the differences in specific programs and plugins, the actual encryption method varies depending on the program or plugin used.
- Photo Credit Joe Raedle/Getty Images News/Getty Images