Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

JCE Encryption in client server encryption.

 
A K Gupta
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Everyone,
I am using JCE encryption for encrypting data that is sent to my server from my client. But for that after establishing connection to the server, I have to first send the key object without encrypting it(which is obvious) so that it can be used to encrypt and decrypt data on client and server. But I want to send the key object securely. Is there any way to achive it?
Or do you guys have a better solution of encryption for network based applications. Just for information server is not a web based application, its just a simple server through which clients exchange data between them.

Kindly let me know if you need any further information from me.

Thanks for support.
 
Ulf Dittmer
Rancher
Posts: 42968
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Welcome to JavaRanch.

How about -just for the purpose of sending the key- opening a second socket over which you'd use HTTPS to send the key? You wouldn't need a servlet container (or web server) at the other end - HTTP(S) is fairly simple, and it shouldn't be much work to implement this simple key exchange.
 
greg stark
Ranch Hand
Posts: 220
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I would say just use HTTPs (through the JSSE) to send the data in the first place.
 
Pat Farrell
Rancher
Posts: 4678
7
Linux Mac OS X VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Inventing your own protocol for security is dangerous, its easy to make mistakes. As others have said, why not just use HTTPS/SSL/TLS?
Its well established, there is lots of help on the net, built into Apache, etc.
 
K Aditi
Ranch Hand
Posts: 89
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
To exchange keys securely you can give Diffie-Hellman algorithm a try.The purpose of this algorithm is to exchange secret keys over an insecure medium.
 
Pat Farrell
Rancher
Posts: 4678
7
Linux Mac OS X VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by K Aditi:
To exchange keys securely you can give Diffie-Hellman algorithm a try.The purpose of this algorithm is to exchange secret keys over an insecure medium.


True, but that is how RSA is used in SSL/TLS. Other than for education, its easier to just use a commonly built protocol than try to roll your own.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic