0

If I have Device A, Device B and Server, how can I achieve a secure transfer of information between the two devices?

I want to encrypt plain text on Device A, send it to the server, which will reroute it to Device B, which will decrypt the message. I haven't found many examples of this online. I was able to fiddle around with Node's crypto, but that is useless to me because it's server side. I'm using socket io and any initial connection that would send out any keys is a vulnerability. I am unable to use HTTPS or WSS.

What are my options here?

Mike K
  • 7,621
  • 14
  • 60
  • 120
  • you may want to take a look at [this answer](https://stackoverflow.com/a/58360477/4215616). It explains a library named Libsodium and how to use it – Paul Stoner Oct 31 '19 at 12:58
  • Read some books of cryptography, comprehend the essence of TLS, then you can design your protocols with the help of current cryptographic algorithms. For javascript, there's a very powerful tool named browserify, and the crypto functions have been implemented with pure JS, so you can communicate with Node.JS crypto module in a simple and straightforward manner. – tibetty Oct 31 '19 at 13:00

1 Answers1

1

I am unable to use HTTPS or WSS.

What are my options here?

You have no other options that will actually be secure. See also: Login without HTTPS: How to Secure?

Scott Arciszewski
  • 33,610
  • 16
  • 89
  • 206