• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Rob Spoor
  • Tim Cooke
  • Junilu Lacar
Sheriffs:
  • Henry Wong
  • Liutauras Vilda
  • Jeanne Boyarsky
Saloon Keepers:
  • Jesse Silverman
  • Tim Holloway
  • Stephan van Hulst
  • Tim Moores
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Mikalai Zaikin
  • Piet Souris

JCE Encryption in client server encryption.

 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Everyone,
I am using JCE encryption for encrypting data that is sent to my server from my client. But for that after establishing connection to the server, I have to first send the key object without encrypting it(which is obvious) so that it can be used to encrypt and decrypt data on client and server. But I want to send the key object securely. Is there any way to achive it?
Or do you guys have a better solution of encryption for network based applications. Just for information server is not a web based application, its just a simple server through which clients exchange data between them.

Kindly let me know if you need any further information from me.

Thanks for support.
 
Rancher
Posts: 43026
76
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Welcome to JavaRanch.

How about -just for the purpose of sending the key- opening a second socket over which you'd use HTTPS to send the key? You wouldn't need a servlet container (or web server) at the other end - HTTP(S) is fairly simple, and it shouldn't be much work to implement this simple key exchange.
 
Ranch Hand
Posts: 220
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I would say just use HTTPs (through the JSSE) to send the data in the first place.
 
Rancher
Posts: 4686
7
Mac OS X VI Editor Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Inventing your own protocol for security is dangerous, its easy to make mistakes. As others have said, why not just use HTTPS/SSL/TLS?
Its well established, there is lots of help on the net, built into Apache, etc.
 
Ranch Hand
Posts: 89
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
To exchange keys securely you can give Diffie-Hellman algorithm a try.The purpose of this algorithm is to exchange secret keys over an insecure medium.
 
Pat Farrell
Rancher
Posts: 4686
7
Mac OS X VI Editor Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by K Aditi:
To exchange keys securely you can give Diffie-Hellman algorithm a try.The purpose of this algorithm is to exchange secret keys over an insecure medium.



True, but that is how RSA is used in SSL/TLS. Other than for education, its easier to just use a commonly built protocol than try to roll your own.
 
You showed up just in time for the waffles! And this tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
reply
    Bookmark Topic Watch Topic
  • New Topic