Chapter 10. SafeTalk

SafeTalk is a Java application based on the talk utility of Unix. talk allows two users on different computers to type messages to each other, in real time, over a network. It’s not hard to eavesdrop on talk because its data is sent in plaintext over the network. SafeTalk adds cryptography to this application, providing authentication for each end of the conversation and encryption for the conversation itself.

SafeTalk builds on work that we’ve done elsewhere in this book:

  • The KeyManager class, from Chapter 5, is used to contain all the keys that SafeTalk uses. This class is used instead of a KeyStore derivative to keep the application reasonably simple. If we used a KeyStore implementation, we’d have had to implement certificate generation and handling as well.

  • SafeTalk exchanges a DES session key using ElGamal encryption. We need the ElGamal classes from Chapter 9, (with the exception of ElGamalSignature) and the Jonathan provider.

SafeTalk, in essence, is a hybrid system, combining both symmetric and asymmetric ciphers (see Chapter 7, for more on hybrid systems). It uses an ElGamal (asymmetric) cipher to exchange a session key between the two ends of the conversation. The remainder of the conversation is encrypted using a DES (symmetric) cipher and the session key.

Get Java Cryptography now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.