I have to say this straight away: I am in no way promising what is suggested below, but I will try to do it if people show interest in it.

I just want to know who here would be interested ina plugin for MSN which can encrypt/decrypt messages sent/recieved via MSN. Obviosly it wont have PGP type security, as I dont know that much about cryptography, but I was thinking about some kind of RC4 encryption (modified of course). This is just a rough idea at the moment (which explains the vagueness :p), but like I said, if people are interested, I will look into it.

For people that may be interested in helping, the language I currently know 'fluently' and the one I will be using is VB. I know its not as good as others, but I dont care :p

Get a version of trillian. It supports 128-bit blowfish encryption for AIM and ICQ, which is pretty solid.

Also, there's a PGP plugin for Trillian floating around somewhere.

No offence, but Trillian sux IMO :p I honestly dont know what it is about it, but I shudder at the thought of using it. Using existing programs means that you are stuck with the algorithm it comes with. By writing your own, you can use pretty much anything you like, plus you can alter the algorithm slightly to throw the casual 'listener' off track. It was just an idea. If noone is interested, then I wont look into it. :)

By writing your own, you can use pretty much anything you like, plus you can alter the algorithm slightly to throw the casual 'listener' off track. In theory that's correct, but you have to know well what you're doing if you want to write a reliable algorithm which is hard to reverse. Since Visual Basic is not what an expert would usually choose I suppose that you're not too experienced in that field, but that's only a vague presumption of course :).

That is why you modify an existing open source algorithm ;) And yes, I have done it before, and yes I have written a few programs that utilise a modified (or standard) encryption scheme. Using VB is not really a great limit unless you are doing rather complex stuff. One of the major limits of VB is speed, but when you are sending small amounts of encrypted data (in this case an instant message), the speed loss isnt really noticed (yes I know from experience :p). As for my experience, I have been programming in various languages for nearly 15 years...

I didn't want to run your abilities down :). I've never written a program in VB, but if speed is its only severe drawback that's not too bad because Java is considered a modern language and its slow, too (and that's one of the reasons why I don't like it).

I wonder what kind of changes you want to apply to the algorithm? Small changes will be likely to only slightly increase your level of security, whereas deeper interventions could be prone to result in a security leak. But probably I'm telling you nothing new with that.

Indeed you do have to watch what you change with regards to the algorithm. You kinda have to balance stability, security, and speed. Most of the time I fiddle around with the algorithm seed(s), internal keys or even add a few extra steps in. The latter is actually my favorite, as you can then 'imbed' a second or third algorithm into the origional so you end up with a hybrid scheme. I have also applied all three mods (seed, key and extra steps) to an algorithm, which works most of the time, but can lead to some pretty nasty bugs if its not done right. True, I have no way of testing the security or the algorithm properly, but it would most likely give someone who is trying to find out the plaintext a major headache :p

In order to apply changes to the source code safely, you would need to regard the mathematical background of the algorithm, but that can get complicated, especially if you want to prove its correctness which you would need to do in order to be completely sure.

Anyone can write an encryption program, but only a handful of people in the world have the skill to do so in a manner that can't be trivially broken by the experts of the NSA, which is where your message will end up after going up the food-chain of local/state/federal police if it's important enough (like a member of an "internet terrorist organization [AKA RS.org]) for them to put the effort into it.

Besides, PGP supplies plug-ins for ICQ, which is what MSN is (or almost like) if I'm not mistaken.

Don't reinvent the wheel.

ICQ is far superior to MSN. MSN transmits way too much header stuff for my liking.

I have very frequent disconnects here, first thing that comes back up is ICQ. MSN takes more than a minute to even notice it has been disconnected...:rolleyes:

I believe there's also a ICQ program that uses blowfish.

What's wrong with Trillian? Have you ever used it? It consumes less memory than MSN and supports 5 messaging platforms. Furthermore it comes with a shitload of neat plugins.
Automatic message splitting is one of them.

Encryption algorithms are very complex mathematical functions. Altering them will weaken them if you just do it randomly.

Unfortunately my computers SMPS is out of service for whlie so I couldn't check this exactly but searching on google(ahaa! good old google,I just wonder what would have been the use of net if google wouldn't have been there).
Plugin for MSN to combine with PGP is found to be some "spyshield".
www.commandcode.com/spyshield.html
So! MSN is free to download,so is spyshield and so is PGP.cool.