Name: John Song
Date: 12/12/2023
github: CODE
- git clone the whole project.
- Use Intellj IDEA to open it.
- Open src folder to run as below.
using SHA-256 & MD5 to encrypt message and output
this contains two sub classes--> ProtectedClient.java & ProtectedServer.java
contains two sub classes--> ElGamalAlice & ElGamalBob
Reference for formula
contains two sub classes --> CipherClient & CipherServer
since server side and client side execute at one computer, I generated DES key first to read file to get keys.
If you are trying to generate in the processing of sending message, one computer could not process client and server at same time so DES key may dismatch.
contains three classes --> Public_key_2D & Sender_2D & Receiver_2D
using RSA schema to generate 1. Confidentility 2. Integrity.
In the program, you could type 1 for confidenlity. type 2 for Integerity.
use command line to genereate keys.
keytool -genkey -keyalg RSA -alias John -keystore keystore.jks
keytool -export -alias John -storepass 123456 -file server.cer -keystore keystore.jks
contains two sub classes --> Client_2E & Server_2E
- Lack of trust by client and browsers
Browsers and clients do not inherently trust self-signed certificates. - No Validation of Identity
self-signed do not provide third-party validation. - Man-in-the-Middle attacks
since the third-party is hard to validate, middle-man could attack.
-
Development and Testing Environment
this allow developing and test to reduce the cost. Self-signed provides a covenient and cost-free to implement SSL. -
Personal Project
For individual project or small project, it could use self-signed. -
Cost
if people think about cost, self-signed is cheaper than CA-signed certificate.