Cell network ip address

[joedino]

Hello all. I am a freelance programmer and I have been contacted to create a custom messaging app that is VERY encrypted. The only problem is that the people that are having me make the app want the messages to be sent over the internet and I have never done this for cell phones. I know how to access the ip's for wifi but i need help doing it when the phones are on cellular networks (3g/4g). Also are they static or do they get reassigned when they reconnect to the network?

[Electronics Wizardy]

Not static ips, you need a server in the middle for it to work right.

[joedino]

Just now, Electronics Wizardy said:

Not static ips, you need a server in the middle for it to work right.

Server wont work. They want it to be purely peer-to-peer

[Electronics Wizardy]

2 minutes ago, joedino said:

Server wont work. They want it to be purely peer-to-peer

you need a server, that will be a comple pain to get working. 

[GW2]

There's an app called Threema, it does end to end secure messaging, it uses a server (as do ALL messaging apps) and if you connect to someone that way they have 1 level of security, then theres another way to get the second level (i dont remember how), and the third level of securty (true end to end) comes when you meet with someone physically and scan each others secure pattern, it's much like a QR code, but it isnt. This solves all of their needs, and has already been developed.

 

Calling something VERY encrypted is hilarious.

 

You are going to need a server, that's pretty much end of story. all the devices will need to have something to phone home to so they know each others IP etc. I think you might be in over your head. Why would anyone make a custom app for secure messaging? there are a million out there!

[Guest]

11 minutes ago, joedino said:

Hello all. I am a freelance programmer and I have been contacted to create a custom messaging app that is VERY encrypted. The only problem is that the people that are having me make the app want the messages to be sent over the internet and I have never done this for cell phones. I know how to access the ip's for wifi but i need help doing it when the phones are on cellular networks (3g/4g). Also are they static or do they get reassigned when they reconnect to the network?

I don't know what it's like in other countries but I know in Australia and NZ they are in giant NAT pools - you can't actually get an IPv4 address for a 4G device - you only get your gateway address at the local tower/gateway. The only way to get around this is to talk to the business/corporate manager for the service provider and request that they adjust a few things for the service number.

 

This is simply due to the limitations of the IPv4 address pool and the number of client devices now requiring leases.

[joedino]

26 minutes ago, GW2 said:

There's an app called Threema, it does end to end secure messaging, it uses a server (as do ALL messaging apps) and if you connect to someone that way they have 1 level of security, then theres another way to get the second level (i dont remember how), and the third level of securty (true end to end) comes when you meet with someone physically and scan each others secure pattern, it's much like a QR code, but it isnt. This solves all of their needs, and has already been developed.

 

Calling something VERY encrypted is hilarious.

 

You are going to need a server, that's pretty much end of story. all the devices will need to have something to phone home to so they know each others IP etc. I think you might be in over your head. Why would anyone make a custom app for secure messaging? there are a million out there!

1. I'll have to look into something like that

2. Thank you. I like to think that I am funny

3. I don't know but they are paying me well for it so who really cares!

[Mornincupofhate]

There might be a way to get it working stricly p2p, but you would probably need to use something like a dynamic DNS and assign every user their own subdomain or something.

[brwainer]

You can do end to end encryption through a server - but peer to peer without public (non-NATed) IPs or the ability to open ports in the NAT requires a server to facilitate hole-punching (which is a term you should look up)

[Just.Oblivious]

Please don't try to roll your own encryption or key-exchange mechanism, it's almost guaranteed to be vulnerable.

 

Stick to well-known systems/methods that have been rigorously tested by security experts.

 

Having a store-and-forward server between the clients shouldn't affect the security of a proper E2E encryption scheme.