CHAPTER 15
Establishing Keys and Message Exchange
15.1 ESTABLISHING KEYS
Since its appearance, public key cryptography has been used to establish secret keys over
an insecure connection. Thus, communicants with no secret key to share can establish one
by using a public key protocol and some public keys generated “on the fly.”
To demonstrate this key exchange I have written a couple of classes. However, in order
to see how they work we must cover some of the methods of the Java networking classes.
To get two computers to talk to each other, we will use two classes from the java.net
package: Socket and ServerSocket. A socket represents an abstraction of a connection between
computers. The way data is transferred between machines is quite complicated, and a socket
insulates the programmer from this. Thus, socket I/O in most languages is similar to
keyboard I/O or file I/O. In Java, this is certainly the case.
To set up a socket between machines, one machine (the server) starts out by listening for a
connection on a designated port, and the other (the client) starts out by talking to the server.
In Java, we set up a server by doing something like this:
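    // Listen on port 54321 for incoming connections.
    ServerSocket ss = new ServerSocket(54321);
    // Block until a client connects; accept() returns the socket for that connection.
    Socket connectionServerSide = ss.accept();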
This server will listen on port 54321 for a request from a client. When it receives such a
request, the accept() method from the ServerSocket class will create (and return) a socket
between the server and the client.
There are 65535 logical ports that a server can use; however, some are set aside for use
with standard protocols. A list of some of these standardized ports follows. (See Table 15.1.)
Do not use them unless you are writing a server for that purpose.
Most standard protocols are on the low end of the range of 1 through 65535. If you use a port
greater than 10000, say, you will probably be fine. Another potential problem with running
a server is that you may not have permission to bind to (listen on) a port. You may need to
see your system administrator to obtain permission to do this.
Setting up the client side of a socket is simple. You simply request a connection to a
server running on a specified port.
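The server and client setup described above, run in one process over the loopback interface, as an added example that is not code from the book: each side sends an ephemeral public key over the socket and derives the same secret. X25519 (Java 11+), the length-prefixed framing, and the class and method names are assumptions chosen for illustration; the text does not name the protocol its classes use.

```java
import java.io.*;
import java.net.*;
import java.security.*;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.KeyAgreement;

public class KeyExchangeDemo {
    static final int PORT = 54321; // port used in the text
    // Send our ephemeral public key, read the peer's, return the shared secret.
    static byte[] exchange(Socket s) throws Exception {
        s.setSoTimeout(5000); // never block forever on a silent peer
        KeyPair kp = KeyPairGenerator.getInstance("X25519").generateKeyPair();
        DataOutputStream out = new DataOutputStream(s.getOutputStream());
        DataInputStream in = new DataInputStream(s.getInputStream());
        byte[] mine = kp.getPublic().getEncoded(); // X.509 SubjectPublicKeyInfo
        out.writeInt(mine.length);                 // assumed framing: length, then key
        out.write(mine);
        out.flush();
        int len = in.readInt();
        if (len <= 0 || len > 128) throw new IOException("bad key length " + len);
        byte[] theirs = new byte[len];
        in.readFully(theirs);
        PublicKey peer = KeyFactory.getInstance("X25519")
                .generatePublic(new X509EncodedKeySpec(theirs));
        KeyAgreement ka = KeyAgreement.getInstance("X25519");
        ka.init(kp.getPrivate());
        ka.doPhase(peer, true);
        return ka.generateSecret();
    }

    public static void main(String[] args) throws Exception {
        byte[][] serverSecret = new byte[1][];
        // Bind to loopback only, so the demo is not reachable from the network.
        try (ServerSocket ss = new ServerSocket(PORT, 1, InetAddress.getLoopbackAddress())) {
            Thread server = new Thread(() -> {
                try (Socket c = ss.accept()) { serverSecret[0] = exchange(c); }
                catch (Exception e) { e.printStackTrace(); }
            });
            server.start();
            byte[] clientSecret;
            try (Socket c = new Socket(InetAddress.getLoopbackAddress(), PORT)) {
                clientSecret = exchange(c);
            }
            server.join();
            System.out.println("secrets match: " + MessageDigest.isEqual(clientSecret, serverSecret[0]));
        } catch (BindException e) { // port already in use, or no permission to bind
            System.err.println("cannot bind port " + PORT + ": " + e.getMessage());
        }
    }
}
```

This exchange is unauthenticated, so it resists only passive eavesdropping; over a real network the public keys need to be authenticated, and the raw secret should be passed through a key derivation function before use as a cipher key.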