Geek Answers Handbook

Asymmetric TCP C # Encryption

I would like to write a client and server application that uses a tcp socket for communication. However, I do not need a certificate, because users do not care who the other is. But I need asymmetric encryption, so no one can track. I can't think of a way to exchange symmetric keys without using RSA, but in any case, I think I should use SSL with TCP?

What is the maximum way to create an SSL / TCP connection in C #? I believe that I either do not specify cert, or dynamically create one of the flies (but they should be thrown ...). What is the easiest way to implement it? I tried just adding sslstream to the tcp stream, but it doesn’t cut it (I get streams that are not readable errors). So far my simple code

{ Thread serverThread = new Thread((ThreadStart)delegate { TcpListener listener = new TcpListener(1234); listener.Start(); using (TcpClient client = listener.AcceptTcpClient()) //using (var sslstream = client.GetStream()) using (var sslstream = new System.Net.Security.SslStream(client.GetStream(), true)) using (StreamReader reader = new StreamReader(sslstream)) using (StreamWriter writer = new StreamWriter(sslstream)) { writer.AutoFlush = true; string inputLine; while ((inputLine = reader.ReadLine()) != null) { writer.WriteLine(inputLine); } } }); serverThread.Start(); { string[] linesToSend = new string[] { "foo", "bar", "ack" }; using (TcpClient client = new TcpClient("127.0.0.1", 1234)) //using (var sslstream = client.GetStream()) using (var sslstream = new System.Net.Security.SslStream(client.GetStream(), true)) using (StreamReader reader = new StreamReader(sslstream)) using (StreamWriter writer = new StreamWriter(sslstream)) { writer.AutoFlush = true; foreach (string lineToSend in linesToSend) { Console.WriteLine("Sending to server: {0}", lineToSend); writer.WriteLine(lineToSend); string lineWeRead = reader.ReadLine(); Console.WriteLine("Received from server: {0}", lineWeRead); //Thread.Sleep(2000); // just for effect } Console.WriteLine("Client is disconnecting from server"); } } serverThread.Join(); }
+4
source share
1 answer

You need to provide an implementation of LocalCertificateSelectionCallback to select the certificate to use, and you need to provide an implementation for RemoteCertificateValidationCallback to accept the self-signed certificate used by the partner.

To create a self-signed certificate (i.e. discard), see Creating a self-signed certificate in C # .

It also provides a step-by-step example of SO on Using SSL and SslStream for peer-to-peer authentication .

Make sure you understand the consequences, i.e. a man-in-the-middle can sniff your traffic because you are not actually checking the certificate presented. In other words, this is not a form of authentication at all (as suggested in the SO return connection), but simply a way to get private communication with someone, but you don’t know exactly who. An alternative would be to use a root certificate to sign each selected certificate and verify the certificate chain in the client, but this will greatly complicate the generation of the certificate compared to the link to the blog.

+5
source

More articles:


All Articles