 |
|
 |
 |
||||
|
 
Evan Summers's BlogCryptonomiconPosted by evanx on March 08, 2007 at 02:55 AM | Comments (0)Let's check out some Java Cryptography, considering both symmetric and asymmetric algorithms. We implement a client and server that mimic how SSL works, where the client uses the server's public key to asymmetrically encrypt and transfer a secret key, which is then used by both sides to encrypt messages using a symmetric cipher.
The client connects to the server port, negotiates a key exchange, and then communicates securely.
public class CryptonomicalClient extends Thread { CryptonomicalSocket cryptoSocket; ... public void run() { try { String publicKey = cryptoSocket.sendRequest(cryptoRequest); cryptoSocket.setEncodedPublicKey(publicKey); cryptoSocket.generateSecretKey(); String encryptedSecretKey = cryptoSocket.encryptSecretKey(); String response = cryptoSocket.sendRequest(encryptedSecretKey); if (!response.equals(cryptoAcknowledge)) throw new RuntimeException(); cryptoSocket.setEncrypt(true); process(); } catch (Exception e) { e.printStackTrace(); } finally { cryptoSocket.close(); } } protected void process() throws Exception { String response = cryptoSocket.sendRequest("ALL YOUR BASE ARE BELONG TO US."); logger.info(response); } } Once key change has been accomplished, we can securely send the server a test message in process(). PS. The title of this article is of course a tribute to Neal Stephenson's book Cryptonomicon, which is on my bedside table right now.
Bookmark blog post:  del.icio.us  Digg  DZone  Furl  Reddit
CommentsComments are listed in date ascending order (oldest first) | Post Comment | ||||
 java.net RSS Feeds
|
