Chapter 10. SafeTalk
is a Java application based on the
utility of Unix.
allows two users on different computers to type messages to each
other, in real time, over a network. It’s not hard to eavesdrop
talk because its data is sent in plaintext over
cryptography to this application, providing authentication for each
end of the conversation and encryption for the conversation itself.
SafeTalk builds on work that we’ve done
elsewhere in this book:
KeyManagerclass, from Chapter 5, is used to contain all the keys that
SafeTalkuses. This class is used instead of a
KeyStorederivative to keep the application reasonably simple. If we used a
KeyStoreimplementation, we’d have had to implement certificate generation and handling as well.
SafeTalkexchanges a DES session key using ElGamal encryption. We need the ElGamal classes from Chapter 9, (with the exception of
ElGamalSignature) and the Jonathan provider.
SafeTalk, in essence, is a hybrid system,
combining both symmetric and asymmetric ciphers (see Chapter 7, for more on hybrid systems). It uses an
ElGamal (asymmetric) cipher to exchange a session key between the two
ends of the conversation. The remainder of the conversation is
encrypted using a DES (symmetric) cipher and the session key.