Thanks for the reply Erwin. Let me clarify the goal: the client wants to send an encrypted message to the server for security reasons and the connection may not be secured (cannot be changed during communication). Although the connection can be set up to use SSL, it is configured by the user and the application has no control. In order to decrypt the encrypted message, a key is needed on the server side. We do not want to use a hardcoded key or send the key over the wire for obvious reasons. That's why Diffie-Hellman is an option. But it requires extra calls to do the key agreement handshake. Since both client and server have a certificate and private key pair, so the user can configure SSL connections, PKI seems to be more straightforward.
I am thinking of using the client's private key to encrypt the message, i.e. RSA_private_encrypt(), and let the server use the client public key to decrypt it, RSA_public_decrypt(). But I am not familiar with the API. How do I get the RSA data from a PEM file?

Thanks.
Alex

On May 2, 2012, at 6:15 PM, Erwin Himawan wrote:

> I have the impression you want to protect (providing message integrity,
> message authentication, and confidentiality) messages between a client and a
> server. The options are:
> 1. Protect individual message with known techniques such as S/MIME, CMS and
> send it in unprotected connection.
> 2. Protect the connection between the client and server using known
> techniques such as TLS or DTLS, and IPSec. Send the message in clear. S/MIME,
> TLS, and DTLS protection is integrated with the application. IPSec protection
> is not integrated with application.
>
> If you do not like any of those techniques, you can use your own technique.
> However, it may be option-1, option-2, or combination of option-1 and
> option-2.
>
> Level of difficulty to implement.
> IPSec: Low. Client and server do not need any new functionality. If your OS
> kernel has IPSec stack, you can enable and configure it and you are done.
> TLS, DTLS: Medium. Client and server do need modification, making TLS or DTLS
> API calls. It is relatively simple to implement security using TLS or DTLS;
> TLS and DTLS API semantics are similar to networking API semantics. It is
> simpler to implement because a lot of crypto API calls are hidden.
> S/MIME (CMS): High. Client and server do need modification. A lot of crypto
> API calls need to be called to create CMS envelopedData, signedData,
> creating/verifying digital signature, encrypting/decrypting using public key
> and symmetric keys, creating symmetric key.
>
> If my understanding is correct, Diffie-Hellman is key agreement protocol; PKI
> is public key management mechanism. These two do not provide the protection
> you are looking for. They enable message protection by providing the crypto
> keys needed by S/MIME, TLS, DTLS, and IPSec to protect the message.
>
> Erwin
>
> On Wed, May 2, 2012 at 4:46 PM, Alex Chen <alex_c...@filemaker.com> wrote:
> I want to send encrypted information from a client to the server via non-SSL
> connections without using a hardcoded encryption key, i.e. a typical scenario.
> Both client and server have their private key and certificate. (RSA key, PEM
> format)
> I am thinking of two options to exchange the encryption key, which will then
> be used for symmetric encryption/decryption.
>
> 1. Use Diffie-Hellman
> 2. Use PKI
>
> Which approach is better? If I go with 2., what APIs are used to extract
> the private key and public key from the PEM file?
>
> Thanks for the help.
> Alex
>
>
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-users@openssl.org
> Automated List Manager                           majord...@openssl.org
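
The message above asks how to get the RSA data out of a PEM file; in OpenSSL's C API the `PEM_read_*` functions (for example `PEM_read_RSAPrivateKey`) do that decoding. The following is an added example, not part of the original thread and not OpenSSL code: it uses only the Python standard library to show what an unencrypted PKCS#1 `RSA PRIVATE KEY` block contains and how the public half (n, e) comes out of it. The function names and the toy key are constructed for illustration.

```python
import base64
import math
import re

# PKCS#1 RSAPrivateKey field order inside the DER SEQUENCE.
FIELDS = ("version", "n", "e", "d", "p", "q", "dP", "dQ", "qInv")
PEM_RE = re.compile(
    r"-----BEGIN RSA PRIVATE KEY-----(.+?)-----END RSA PRIVATE KEY-----", re.S)

# Constructed toy key (p=61, q=53): sample input only, far too small for real use.
SAMPLE_DER = bytes.fromhex(
    "301d020100" "02020ca1" "020111" "02020ac1"
    "02013d" "020135" "020135" "020131" "020126")
SAMPLE_PEM = ("-----BEGIN RSA PRIVATE KEY-----\n"
              + base64.b64encode(SAMPLE_DER).decode()
              + "\n-----END RSA PRIVATE KEY-----\n")

def _read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits count the length bytes
        n_len = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n_len], "big")
        pos += n_len
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def parse_rsa_private_pem(pem):
    """Decode a PKCS#1 RSA private key PEM block into a dict of integers."""
    m = PEM_RE.search(pem)
    if not m:
        raise ValueError("no PKCS#1 RSA PRIVATE KEY block found")
    if "Proc-Type:" in m.group(1):  # legacy passphrase-protected PEM
        raise ValueError("key is passphrase-protected; decrypt it first")
    tag, seq, _ = _read_tlv(base64.b64decode("".join(m.group(1).split())), 0)
    if tag != 0x30:
        raise ValueError("expected a DER SEQUENCE")
    values, pos = [], 0
    while pos < len(seq) and len(values) < len(FIELDS):
        tag, val, pos = _read_tlv(seq, pos)
        if tag != 0x02:
            raise ValueError("expected a DER INTEGER")
        values.append(int.from_bytes(val, "big"))
    if len(values) != len(FIELDS):
        raise ValueError("incomplete RSAPrivateKey structure")
    return dict(zip(FIELDS, values))

def public_part(key):
    """The private key file also carries the public key: modulus and exponent."""
    return key["n"], key["e"]

def is_consistent(key):
    """Sanity check: n = p*q and e*d = 1 mod lcm(p-1, q-1)."""
    p1, q1 = key["p"] - 1, key["q"] - 1
    lam = p1 * q1 // math.gcd(p1, q1)
    return key["n"] == key["p"] * key["q"] and key["e"] * key["d"] % lam == 1
```
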