
For a project, I need a server and a client. Not a problem so far. The difficulty for me is that the connection must be encrypted, since sensitive information will be sent. You could use RSA encryption. I just don't know yet how to exchange the keys so that nobody could intercept them or get any other chance to reach them. Since I don't know how to do it in general, I have not tried anything so far.

  • For a key exchange, Diffie-Hellman is worth looking at, as is elliptic-curve Diffie-Hellman. However, setting up a TLS connection would be a good idea because it uses a well-established protocol that is widely used. Commented Oct 23, 2019 at 14:09
  • Thank you! Could you write it as an answer with a particular code example/scheme? It would be great. Commented Oct 23, 2019 at 15:01
  • Please make sure to upvote my post if you think it can be helpful for other people. Commented Jul 30, 2020 at 14:21

1 Answer

Here is a TLS connection implementation in Python. All key exchanging and encrypting data is done within the protocol.

import socket
import ssl

def main():
  # Define host name and port (port 443 is the typical encrypted web connection port)
  host_name = "www.google.com"
  host_port = 443

  # Build a client-side TLS context: it verifies the server certificate and
  # host name and negotiates the newest TLS version both sides support
  # (ssl.wrap_socket() was removed in Python 3.12 and never verified the peer)
  context = ssl.create_default_context()  # optional: context.set_ciphers(...)

  # Create an unencrypted connection and then encrypt it by wrapping it
  unencrypted_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  unencrypted_socket.settimeout(10)
  encrypted_socket = context.wrap_socket(unencrypted_socket, server_hostname=host_name)

  # Connect to the host (the TLS handshake happens here), send data and wait to receive data
  encrypted_socket.connect((host_name, host_port))
  encrypted_socket.send(b"Hello")
  response = encrypted_socket.recv(512)

  # Close the connection
  encrypted_socket.close()

main()

Note: I am using Python 3.6, and I think that a newer version of TLS is available to use as of Python 3.7.


2 Comments

On the server side everything works out the same, except you don't connect to a server but bind to an address etc., as you would normally when working with sockets, right?
Yes, it has to bind, listen and then accept an incoming connection. Each incoming connection must be wrapped with TLS on the server side.
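
The server side described in the two comments above (bind, listen, accept, then wrap each accepted connection with TLS), next to a client that verifies the server, as an added example that is not part of the original answer. The function names, port 8443 and the `server.crt` / `server.key` paths are assumptions; you supply your own certificate and key.

```python
import socket
import ssl


def make_server_context(certfile, keyfile):
    """Server side: present our certificate, refuse anything below TLS 1.2."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.load_cert_chain(certfile=certfile, keyfile=keyfile)
    return ctx


def make_client_context(cafile=None):
    """Client side: PROTOCOL_TLS_CLIENT verifies certificate and host name."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    if cafile:  # trust only this private CA / self-signed server certificate
        ctx.load_verify_locations(cafile=cafile)
    else:  # otherwise fall back to the system trust store
        ctx.load_default_certs()
    return ctx


def serve_once(ctx, listener):
    """Accept one connection, wrap it, echo one message; None on failure."""
    conn, _addr = listener.accept()
    conn.settimeout(10)
    try:
        with ctx.wrap_socket(conn, server_side=True) as tls_conn:
            tls_conn.sendall(b"echo: " + tls_conn.recv(512))
            return tls_conn.version()
    except OSError:  # includes ssl.SSLError: drop peers that fail the handshake
        conn.close()
        return None


def send_message(ctx, host, port, message):
    """Client: connect, handshake (verifying the server), send, read the reply."""
    with socket.create_connection((host, port), timeout=10) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls_sock:
            tls_sock.sendall(message)
            return tls_sock.recv(512)


if __name__ == "__main__":
    # server.crt / server.key are placeholder paths (assumption)
    server_ctx = make_server_context("server.crt", "server.key")
    with socket.create_server(("0.0.0.0", 8443)) as listener:  # bind + listen
        while True:
            print("client served over", serve_once(server_ctx, listener))
```

The client calls `make_client_context("server.crt")` when the server uses a self-signed certificate, so only that certificate is trusted and the host name it was issued for must match the address the client connects to.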
