Chapter 10. SafeTalk
SafeTalk
is a Java application based on the
talk
utility of Unix. talk
allows two users on different computers to type messages to each
other, in real time, over a network. It’s not hard to eavesdrop
on talk
because its data is sent in plaintext over
the network. SafeTalk
adds
cryptography to this application, providing authentication for each
end of the conversation and encryption for the conversation itself.
SafeTalk
builds on work that we’ve done
elsewhere in this book:
The
KeyManager
class, from Chapter 5, is used to contain all the keys thatSafeTalk
uses. This class is used instead of aKeyStore
derivative to keep the application reasonably simple. If we used aKeyStore
implementation, we’d have had to implement certificate generation and handling as well.SafeTalk
exchanges a DES session key using ElGamal encryption. We need the ElGamal classes from Chapter 9, (with the exception ofElGamalSignature
) and the Jonathan provider.
SafeTalk
, in essence, is a hybrid system,
combining both symmetric and asymmetric ciphers (see Chapter 7, for more on hybrid systems). It uses an
ElGamal (asymmetric) cipher to exchange a session key between the two
ends of the conversation. The remainder of the conversation is
encrypted using a DES (symmetric) cipher and the session key.
Get Java Cryptography now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.