tags:

views:

39

answers:

2
Q: 

How can I add encryption to my own TCP-based-Protocol using Java Sockets?

So, I have a working protocol that the Client needs to authenticate with user and password to login on the server. Then server and client would trade messages and files. It´s all working OK and I´m using Input/Output Stream for that. I need to add encryption to the conversation and user/password authentication too. I dont want to store a symmetric key inside my jar, So I think I will need a public/private keys for that. I know I could use the public/private encryption to send a symmetric key, but I really dont know how to do that in Java. And I think I could maybe just use encryption on the messages and not on file transfer.

I googled for it and found various ways of using cryptography with java sockets, whats the best(correct) way? Using CipherOutput(Input)Stream? Or is there another way?

If someone could post a piece of code I would be grateful

+2  A: 

SSL. See javax.net.ssl and the JSSE Reference Guide.

EJP  2010-09-24 11:55:19
thanks, it looks great and simple, but can I use it with NIO for the server too??
fredcrs  2010-09-24 12:30:12
Yes but with great difficulty. See the SSLEngine. But it's not for the faint-hearted.
EJP  2010-09-25 00:53:55
A: 

If you are in a bind for time, you can piggy back on SSH port forwarding.

You will setup firewall rule on your server that would allow direct access to clear text port only from the firewall host.

Then on a client you will setup a port forwarding SSH session ( -L option on ssh client ).

The client machine then will talk clear text to a local host on the forwarded port and all conversation will be encrypted by SSH tunnel.

Alexander Pogrebnyak  2010-09-24 12:32:53
Its also a good idea, but I need to implement as a commercial software and not beeing able to count with any firewall rule.
fredcrs  2010-09-24 12:37:34

related questions

How do I get the external IP of a socket in Python?
How Do Sockets Work in C?
How do you send and receive UDP packets in Java on a multihomed machine?
Can't Re-bind a socket to an existing IP/Port Combination
Reading from a socket in C#
Sockets and Processes in Java
Stream data (such as music) using PHP (or another language)
How to forcibly close a socket in TIME_WAIT?
How do I make persistent network sockets on Unix in Ruby?
What's the idiomatic way to do async socket programming in Delphi?
How do you minimize the number of threads used in a tcp server application?
WSACancelBlockingCall exception
C# Performance For Proxy Server (vs C++)
How to get your own (local) IP-Address from an udp-socket (C/C++)
Free Network Monitor
Reconnect logic with connectivity notifications
Maximum buffer length for sendto?
Configure a Java Socket to fail-fast on disconnect?
Sockets in Pascal
Firefox plugin - sockets
How can I determine the IP of my router/gateway in Java?
ActionScript 3.0 sockets can't reconnect
Reverse DNS in Ruby?
Asynchronous multi-direction server-client communication over the same open socket?
How to use the C socket API in C++ on z/OS