IJETEV1I1A008 – CHAT CT – A SECURE WEB CHAT APPLICATION

ABSTRACT – This paper describes the design and implementation of a secure webbased chat application that combines four protection layers: encryption, steganography, identity verification, and optional passwordbased access control. The system enables realtime messaging via WebSockets and implements end-to-end encryption with clientside key management so that the server stores only ciphertext and metadata. An optional steganography mode embeds encrypted payloads into lossless image carriers (PNG) for covert transmission, with client-side embedding and extraction. Identity verification is provided through hashed credentials and optional TOTP-based twofactor authentication, while an additional permessage password-derived key can be applied for extra access control. The implementation targets a modern web stack supports media sharing, private and group chats, and secure key exchange. The paper documents architecture, data flows, database schema, API and real-time endpoints, and a phased development plan for integrating encryption, steganography, and operational hardening.