
Encryption and authentication for client-server application where clients are known

I want to write a secure client-server application where only a few (say, five) clients exchange data with a server via TCP sockets. All clients are known in advance and off-line sharing of keys etc. is possible.

I want three things:

  1. The clients need to be sure they talk to the right server
  2. The server needs to be sure it only talks to these five clients
  3. The communication needs to be encrypted

How should such a setup be realized?

My first thought was SSL/TLS enabled sockets, but after thinking about it for some time, I feel the exchange of keys in the handshake is something I don't really need. Also, the whole certificate authority business that needs to be worked around for self-signed certificates seems out of place.

Another option seems to be to do regular socket communication, and carry out encryption/decryption and signing on both ends. Similar to a gpg-based e-mail setup, I could create key pairs for the server and each client, and make sure the server has all public keys of all clients and each client has the server's public key. Because I can copy files locally to each machine, this key exchange can be assumed to be secure.

Or should I even just use symmetric encryption, with a single secret key known to all clients and the server?

Almost everything I could find on the web was about the "classical" setup where the server authenticates itself to many arbitrary clients, via a certification authority, i.e., HTTPS-like setups.

I plan to write it in Java, but actually I think my question is language-independent.

I suggest you use TLS. It contains a lot of so-called cipher suites, which are predefined combinations of included cryptographic algorithms, and they ensure peer authentication, asymmetric key exchange, symmetric encryption and message authentication. They are battle-tested in the real world.

Using certificates:

  • Create a self-signed CA cert and sign all client and server certs with it.
  • Configure them to accept only opposite parties authenticated with a cert signed by your CA.

Or, if you are uneasy with certificates, there are also cipher suites which use preshared key authentication (look for PSK and SRP).
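The certificate route described in the answer above, sketched with the `openssl` command line as an added example that is not part of the original post: a private CA signs one server and one client certificate, and `trusted_for` reproduces the check each peer should make (chains to this CA only, and is issued for the right role). The names `demo-ca`, `server.example.internal`, `client1` and the `pki` directory are constructed for illustration, and a default `openssl.cnf` that marks `req -x509` certificates as CA certificates is assumed.

```sh
# Added example: private CA issuing server and client certificates for mutual TLS.
# Constructed names: demo-ca, server.example.internal, client1; output dir is $1.
set -eu

# Create the self-signed CA. ca.key stays offline; only ca.crt is copied to peers.
make_ca() {  # $1 = directory
  mkdir -p "$1"
  openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 365 \
    -subj "/CN=demo-ca" -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

# Issue a leaf certificate restricted to one role via extendedKeyUsage.
issue_cert() {  # $1 = directory, $2 = common name, $3 = serverAuth | clientAuth
  openssl req -newkey rsa:2048 -nodes -sha256 -subj "/CN=$2" \
    -keyout "$1/$2.key" -out "$1/$2.csr" 2>/dev/null
  printf 'basicConstraints=CA:FALSE\nextendedKeyUsage=%s\nsubjectAltName=DNS:%s\n' \
    "$3" "$2" > "$1/$2.ext"
  openssl x509 -req -in "$1/$2.csr" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
    -CAcreateserial -days 365 -sha256 -extfile "$1/$2.ext" \
    -out "$1/$2.crt" 2>/dev/null
}

# The trust decision each peer makes: chain to our CA only, and correct role.
trusted_for() {  # $1 = CA cert, $2 = cert to check, $3 = sslserver | sslclient
  openssl verify -CAfile "$1" -purpose "$3" "$2" >/dev/null 2>&1
}

# Usage:
#   make_ca pki
#   issue_cert pki server.example.internal serverAuth
#   issue_cert pki client1 clientAuth      # repeat for client2..client5
#   trusted_for pki/ca.crt pki/client1.crt sslclient && echo accepted
```

In the application, each side's trust store should contain only `ca.crt`, and the server must demand a client certificate (in Java, `setNeedClientAuth(true)` on the `SSLServerSocket`), otherwise only the server is authenticated.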
