Say I am writing a chat server and client that allows users to login with their user-name and password. Now I could just send and receive the information as plain-text but there is the risk that the information may be intercepted. So the socket should be secured to protect the user. I am not interested in certificates or verifying identity, I just want to make sure that the information supplied is not at risk of being exposed. Neither am I interested in protecting subsequent messages that are sent/received. What is a good approach to take?
- Can I replace a regular socket with a secure socket transparently?
- Is there overhead associated with a secure socket that I might want to avoid for non-secret information messages?
I would prefer java pointers/examples, but interested in other languages also.