0

I have a Java app (deployed as a JAR file) that allows file sharing through SLLSockets. If all users use the same certificate, file transfers are not secure, since it violates the core concept of asymmetric encrypted communication. Therefore, I understand that each user needs to have its own certificate. This brings up my first question:

  1. How can you generate a certificate programmatically, and where would you store it ? I don't want users to have to generate their own certificate with keytool, then have to tell the app where it is located.

Now, let's say my first question is answered and each user has its own certificate. Prior to opening the SSL connection between two hosts, you need to add each other's certificate to the trustStore. The only way I know to achieve this is by exchanging them through Sockets (note that I am using JGroups to exchange Socket connection info). This brings up my next two questions:

  1. How do you guarantee authentication and integrity when exchanging the certificates ?
  2. How do you programmatically add the received certificate to the trustStore ?

Finally, this whole post brings up my fourth question:

  1. Are the steps described above the correct way to send data securely between two hosts, using SSLSocket asymmetric encrypted communication ?
user3856210
  • 270
  • 2
  • 12
  • 1. What is your threat model? (who, what are you protecting stuff from). 2. are you sure you need client certs? 3. can you use smart cards? – Neil McGuigan Jun 17 '15 at 23:02
  • 1. MIM trying to get the file 2. Well, I would assume that using SSL is the best way to securely transfer Data. How would I go without certificates ? 3. Do you mean physical cards that can be read through a reader ? This seems too complex for this application. It's a simple LAN file sharing app, but security is important regardless of the context, IMHO. – user3856210 Jun 17 '15 at 23:13
  • Is this a client-server application or peer-to-peer? – Neil McGuigan Jun 17 '15 at 23:30
  • It is a client-server application in the sense that clients send files to servers. However, client and servers are just launched instances of the JAR, if that makes sense to you. I use JGroups with full message encryption enabled for basic communications, but for file transfers, I need to use SSLSockets. – user3856210 Jun 18 '15 at 04:51

1 Answers1

2

You don't need client certificates necessarily.

Could you not use username/password authentication?

You can still secure the transfer just by using a server certificate.

Client certs are also kind of a pain, and not entirely secure. They tie you to a machine, and evil processes can read them. Smart cards mitigate this, but aren't free.

Neil McGuigan
  • 46,580
  • 12
  • 123
  • 152
  • Username / password would be a bit of a pain I think. This is meant as a quick file sharing app on a LAN. Though threats are not that big of a deal, I want to prevent MITM listening for file transfers plus faking being someone else. Smart cards would definitely not be an option as this is meant to be an open source and expense free project. How about a DES encrypted file transfer, plus a pre-transfer Diffie-Hellman authentication by just showing a short code on each users' screen, and they both should make sure the code is the same ? Kind of how some phone-pc synchronization techniques. – user3856210 Jun 24 '15 at 08:25