SSL Module License or to use AES ?
Posted: Tue Mar 09, 2010 6:44 am
by seulater
I have 2 MOD boards that need to communicate with each other via a TCP connection.
In a nutshell, I have several opto inputs on MODA and several relays on MODB; as you can guess, whatever inputs are triggered on MODA need to activate the relays on MODB.
I would like to be able to encrypt this data somehow, to keep it somewhat safe from prying eyes. My question is: if I buy the SSL License, will this allow me to make a secure SSL connection on a TCP port of my choosing, or is this limited to port 80 only?
Or should I just use the AES method as in the examples?
Thanks
Re: SSL Module License or to use AES ?
Posted: Tue Mar 09, 2010 6:55 am
by Chris Ruff
I have had success AES-encrypting plain-text messages (your data in hex, etc.) with the biggest key I can store on both ends.
I believe SSL is just a different way of encrypting data that has been agreed upon in the internet community and is useful for interfacing your stuff to existing infrastructure.
The main thing here, I think, since you are on both ends, is to encrypt your data with a 256-bit key and transmit it using whatever method you choose, which includes a simple client-server socket set.
Chris
Re: SSL Module License or to use AES ?
Posted: Tue Mar 09, 2010 8:08 am
by seulater
I would have to imagine I am not thinking outside the box with using AES.
If I encrypt a message, say my message is "Close Relay #1" and the encrypted message is:
45 cc 63 8e f6 5f 96 71 05 5b b4 2a b7 be 30 4c, that's all fine and dandy. However, the problem I see is that if anyone else were to send this same message to the remote unit, it would be decrypted correctly and close relay #1.
I.e., there is no distinction between the originator and a hacker sending the same data.
What am I not seeing?
Re: SSL Module License or to use AES ?
Posted: Tue Mar 09, 2010 8:22 am
by Chris Ruff
OK. Now you're thinking....
Both sides have the key.
The client connects to the server and asks for a random string; the server generates the string and, using his key, creates a signature from the random string using the secret key.
The man in the middle sees a random string go by.
The client creates the same signature using the secret key.
The client uses the data and the signature and encodes it with the secret key and sends the string.
The man in the middle sees impossible nonsense go by.
The server decrypts the response with his secret key and breaks the plain text into the signature and the data. If the signature matches, the data is judged to be good.
.......
I didn't think this out Real Good, but the key is the random string.
That is why you always hear about the strength of the random number generator when you hear about DES AES etc.
Chris
Re: SSL Module License or to use AES ?
Posted: Tue Mar 09, 2010 8:36 am
by seulater
That's what I was thinking, but let me work it all out.
We have 2 keys; I will call them Master Key (MK) and Variable Key (VK).
The Master Key never changes, this key is used to encrypt the message used to get the variable key.
The client uses the MK to request the VK from the server. The server responds with the new VK, and then the client responds back with the string data using the new VK to control the relays.
Re: SSL Module License or to use AES ?
Posted: Tue Mar 09, 2010 12:18 pm
by tod
I profess to being fairly ignorant about most of this stuff, but if you just want to prevent an encrypted message from being duplicated and sent again, just include an always-increasing sequential number in the encrypted data. Then the server can just ignore any message that comes in from a client with an out-of-order number.
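
The following is an added example, not code from any poster in this thread. It combines the two replay defences suggested above: the server's random challenge and an always-increasing sequence number. Assumptions: HMAC-SHA256 stands in for the "signature" over the random string, AES encryption of the payload is left out (this shows authenticity and replay rejection only, not confidentiality), and all names and the key are constructed for illustration.

```python
import hashlib, hmac, secrets, struct

KEY = bytes(range(32))  # constructed 256-bit shared key, demo only

def tag(key, nonce, seq, command):
    # The MAC binds the server's challenge, the counter and the command together.
    msg = nonce + struct.pack(">Q", seq) + command
    return hmac.new(key, msg, hashlib.sha256).digest()

class RelayServer:  # hypothetical receiver (the board driving the relays)
    def __init__(self, key):
        self.key = key
        self.nonce = None   # outstanding challenge, valid for one message
        self.last_seq = 0   # highest counter accepted so far

    def challenge(self):
        self.nonce = secrets.token_bytes(16)
        return self.nonce

    def accept(self, seq, command, mac):
        nonce, self.nonce = self.nonce, None  # a challenge is spent on first use
        if nonce is None:
            return False  # no challenge outstanding
        if not hmac.compare_digest(mac, tag(self.key, nonce, seq, command)):
            return False  # wrong key, altered data, or tag made for an old challenge
        if seq <= self.last_seq:
            return False  # counter did not advance
        self.last_seq = seq
        return True

class RelayClient:  # hypothetical sender (the board reading the opto inputs)
    def __init__(self, key):
        self.key, self.seq = key, 0

    def build(self, nonce, command):
        self.seq += 1
        return self.seq, command, tag(self.key, nonce, self.seq, command)

def demo():
    server, client = RelayServer(KEY), RelayClient(KEY)
    msg = client.build(server.challenge(), b"Close Relay #1")
    first = server.accept(*msg)            # genuine message
    resent = server.accept(*msg)           # same bytes again, challenge already spent
    server.challenge()
    resent_later = server.accept(*msg)     # same bytes against a fresh challenge
    second = server.accept(*client.build(server.challenge(), b"Close Relay #1"))
    return first, resent, resent_later, second

if __name__ == "__main__":
    print(demo())
```

The same command sent twice by the genuine client is accepted both times because each message carries a fresh challenge and a higher counter, while a byte-for-byte copy of an earlier message is rejected.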