0

I'm supposed to add asymmetric encryption to an application with Client <-> Server architecture using Java NIO.

I have read somewhere that I should go with SSL but I would have problems adapting the NIO Server to it.

Any thoughts and recommendations about it? Maybe an example? I would highly appreciate some enlightenment.

Cheers

EDIT:

Forgot to mention that the existing communication is between non-blocking client and non-blocking server through only one SocketChannel

pelican_george
  • 961
  • 2
  • 13
  • 33
  • 2
    Possibly via `SSLEngine` http://stackoverflow.com/questions/9118367/java-nio-channels-and-tls – zapl Jan 02 '14 at 20:59
  • SSLEngine is the way to go, but it is much harder to use than it first appears. Find comments and notes on this by @EJP on stackoverflow and others, as well as in his book. – President James K. Polk Jan 03 '14 at 01:06
  • Everyone portraits it as a scary scenario, I'll give it a try anyway. I will probably only need to encrypt the communication from Client to Server, should I consider the same approach ? – pelican_george Jan 03 '14 at 13:57
  • 1
    No, SSL is two-way encryption. I would just look at the Cipher class for one-way encryption. Encrypt your data, put it into a ByteBuffer, send it, receive it, get it out of the ByteBuffer, use Cipher to decrypt it, ... – user207421 Jan 03 '14 at 19:01
  • I will go with EJP's advice for now and if I'm required later to encrypt both ways I'll stick my head into SSLEngine. I'll update this post in a few days. Thank you all – pelican_george Jan 07 '14 at 12:27
  • Ok, I got a bit confused now. It seems that I have specifically to add Asymmetric Encryption, but to achieve that both ways are encrypted and I have to figure out a way to distribute the keys right? – pelican_george Jan 07 '14 at 13:54

0 Answers0