Java 如何使套接字连接安全?
[英]Java How to make a socket connection secure?
问题描述
I want to setup a secure socket connection between a Server and a Client.
我想在服务器和客户端之间设置安全套接字连接。 My protocol is:我的协议是:
- The Client generates a RSA keypair and send it's public key to the server.客户端生成一个 RSA 密钥对并将它的公钥发送到服务器。
- The Server generates a AES key, encypts the key with the client's public key and ends it to the client.服务器生成一个 AES 密钥,用客户端的公钥对密钥进行加密,并将其结束给客户端。
- The client decrypts the AES key with the private key.客户端使用私钥解密 AES 密钥。
- All messages are encrypted and decrypted with the AES key.所有消息都使用 AES 密钥进行加密和解密。
The problem: This protocol is very vulnerable against Man-in-the-middle attacks.问题:这个协议很容易受到中间人攻击。 A attacker could easily send his own public key to the server, and receive the AES key.攻击者可以轻松地将自己的公钥发送到服务器,并接收 AES 密钥。 The attacker can spoof to be the server to the client and to be the client to the server.攻击者可以伪装成客户端的服务器和服务器的客户端。
How to make my connection secure?如何确保我的连接安全?
1 个解决方案
解决方案1
1 已采纳 2020-09-26 09:26:26
As Marc says, use TLS.正如 Marc 所说,使用 TLS。 TLS uses Diffie-Hellman to secure the connection between A and B. This is also what makes HTTPS secure. TLS 使用Diffie-Hellman来保护 A 和 B 之间的连接。这也是 HTTPS 安全的原因。
Here's a short example in Java. 这是Java 中的一个简短示例。 Note that the term SSL is used - TLS used to be SSL, but the term is still used interchangeably.请注意,使用术语 SSL - TLS 曾经是 SSL,但该术语仍可互换使用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.