Sign in to follow this  
Halsafar

[java] Java Encryption on Packets

Recommended Posts

Before I start the big dig for information I figure I'd ask since this is a rough one. Does Java provide any encryption classes for packets? I need to encyrpt some text in a secure as possible way. Any help would be great. Thanks, Halsafar

Share this post


Link to post
Share on other sites
Yes that does help a bunch I think...
Does all the packages and classes used with that file come with a standard JRE or JDK download?

Or will people using this need to download anything? If not then perfect!

I need the end application to be as easily deployable as possible. It must be notably secure as well since username/password will be sent across the network.

I also need to study a way to prevent malicious packet injection in attempts to confuse, crash or gain control of the server.

Share this post


Link to post
Share on other sites
There is a dependency on that code, but you can easily figure out that it's just the "proprietary" code of the company who made it. You can replace it with your own code, easily.

That was just to show you the packages involved in such a task. I didn't even read the whole code :p

Son Of Cain

Share this post


Link to post
Share on other sites
Yes now that I look again org.bouncycastle packages will need to be removed.
But everything else is java/javax so I should be good.

I wish there was a site that would explain some of the steps in preventing packets coming from random ppl, unless encryption eliminated that problem. I'll wiki it.

Thanks for your help.

Share this post


Link to post
Share on other sites
Quote:
Original post by Halsafar
I wish there was a site that would explain some of the steps in preventing packets coming from random ppl, unless encryption eliminated that problem. I'll wiki it.


I guess that is not possible; you'll have to check each incoming packet for a pattern that only your application produces. If it's not there, then it wasnt sent by you. I'm not sure how to prevent reverse engineering to discover your pattern, though.

Son Of Cain

Share this post


Link to post
Share on other sites
Well I don't think its possible to prevent the reverse engineering of anything... Someone will figure it out, even for network heavy MMORPG's someone figure out how to decrypt and inject packets.

I guess if the encryption on the packets is strong enuf, and when decrypted back to something readable the pattern is complex enough it will take a long time for someone to attempt to crack it.

I'm also becoming curious as to the security exploits available within the Java Networking packages, or its encyrption packages. I really highly doubt anyone will attempt to packet sniff and decrypt my particular app, I just have to learn how to make this as secure as possible. (ie. make it as hard and annoying as possible for a would-be hacker to sniff out passwords)

Share this post


Link to post
Share on other sites
Quote:
Original post by Son of Cain
Quote:
Original post by Halsafar
I wish there was a site that would explain some of the steps in preventing packets coming from random ppl, unless encryption eliminated that problem. I'll wiki it.


I guess that is not possible; you'll have to check each incoming packet for a pattern that only your application produces. If it's not there, then it wasnt sent by you. I'm not sure how to prevent reverse engineering to discover your pattern, though.

Son Of Cain



One way to prevent reverse engineering your applications pattern would be to use a hash algorithm like sha to digitally sign each packet. Here is some sample code for producing this signiture



public static final byte [] KEY = { 125,12,34,23,24,125,23,-125,34,-12 };
private static byte[] getSigniture(byte[] packet) throws NoSuchAlgorithmException
{
MessageDigest md = MessageDigest.getInstance("SHA");
md.update(packet);
md.update(KEY);
return md.digest();
}


The steps to send a packect would be something like

1. create base packet.
2. create digital signiture
3. add signiture to packet
4. encript packet.
5. send
6. decript packet
7. create digital signiture
8. compare signiture to the one in packet (If the are the same we are good)
9. use packet.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this