Welcome Guest (Log in)
Encrypted Socket Server Multiple Chat Rooms (Ephemeral Keys AES Encryption)
- Author
- Rating
- Type
- Revision
- Downloaded
- Updated
- markclark@me.com
- Stack
- 4
- 227 Times
- 04 May 2021
Encrypted Socket Server Using Ephemeral Keys
I updated the server version to go with the newer client (with sample chatroom demo)
Getting Started: You will also need the client stack.
1. Copy the server stack to computer (A)
2. Copy the folder named 'LCHostFramework' to the top level of your Documents folder (A)
(Use create Client List on Server if you did not download this as a zip)
3. Copy the client stack to second computer (B)
4. Open the client on computer B
5. Enter your server's IP (A) into the server field on the client (B).
6. Start the server on machine A
7. Connect to server (A) from client (B)
Alternate Instructions:
For use on a single machine I'd advise just making a second copy of LiveCode 9.x and opening the client with one copy and the host from a second. Ideally you would test this on two machines to get a proper understanding of the network piece--if you don't have two machines, this works as a decent simulator and gives you a better flavor of how things will operate on an actual network. VMs work also work when hardware is at a premium.
All the scripts are available in the buttons and stack scripts. Nothing is hidden from you, feel free to use/discard whatever you desire.
About
This is a LiveCode framework for creating a client and server that communicate over sockets using ephemeral RSA keys to exchange a per client session based AES passphrase to encrypt the traffic.
What does this mean?
No long term key requirement for either server or client.
In practical terms this means that there is no one single long term key that could be compromised and used to decrypt all future (and recorded past) traffic between any client and the server-- hence, you are less of a target and the cost for any would be hacker is high.
This framework is similar to TLS 1.3 in nature, but it is not TLS proper and is built specifically for LiveCode developers who want to use encrypted socket communication. RSA is actually just fine to use in forward security requirements, but it does exact some cpu costs. For LC developers it's a simple matter to place the ephemeral key generation at the client level (many clients, few hosts) and keep server load to a minimum. On an ca 2013 Macbook Pro, a 2048 bit RSA key pair takes @ 200-300 ms to generate,sometimes 500. Less on new hardware and worth the little extra time at client connection.
"A ship in harbor is safe, but that is not what ships are built for."
Mark Clark
28 Apr 2021
Getting Started: You will also need the client stack.
1. Copy the server stack to computer (A)
2. Copy the folder named 'LCHostFramework' to the top level of your Documents folder (A)
(Use create Client List on Server if you did not download this as a zip)
3. Copy the client stack to second computer (B)
4. Open the client on computer B
5. Enter your server's IP (A) into the server field on the client (B).
6. Start the server on machine A
7. Connect to server (A) from client (B)
Alternate Instructions:
For use on a single machine I'd advise just making a second copy of LiveCode 9.x and opening the client with one copy and the host from a second. Ideally you would test this on two machines to get a proper understanding of the network piece--if you don't have two machines, this works as a decent simulator and gives you a better flavor of how things will operate on an actual network. VMs work also work when hardware is at a premium.
All the scripts are available in the buttons and stack scripts. Nothing is hidden from you, feel free to use/discard whatever you desire.
About
This is a LiveCode framework for creating a client and server that communicate over sockets using ephemeral RSA keys to exchange a per client session based AES passphrase to encrypt the traffic.
What does this mean?
No long term key requirement for either server or client.
In practical terms this means that there is no one single long term key that could be compromised and used to decrypt all future (and recorded past) traffic between any client and the server-- hence, you are less of a target and the cost for any would be hacker is high.
This framework is similar to TLS 1.3 in nature, but it is not TLS proper and is built specifically for LiveCode developers who want to use encrypted socket communication. RSA is actually just fine to use in forward security requirements, but it does exact some cpu costs. For LC developers it's a simple matter to place the ephemeral key generation at the client level (many clients, few hosts) and keep server load to a minimum. On an ca 2013 Macbook Pro, a 2048 bit RSA key pair takes @ 200-300 ms to generate,sometimes 500. Less on new hardware and worth the little extra time at client connection.
"A ship in harbor is safe, but that is not what ships are built for."
Mark Clark
28 Apr 2021
Your Comment
Click here to log in and post a comment