0

I have a web page communicating with a server application using sockets. Security wasn't a concern in the past but I've decided it's time to implement some. Right now the page is communicating with the server by sending strings in plain text with commands to execute on the server. What would be the best way to secure this communication so that messages aren't being sent in plain text?

I considered encrypting the messages being sent using a shared key system such as AES, but I don't have much experience working with encryption and the Google results for implementing code such as this were quite intimidating.

The server is written in Qt C++, but is specifically for Windows.

Improve this question
1
  • If you're using sessions, you could use Diffie Hellman key exchange to set up session encryption over insecure connection. Commented Feb 4, 2013 at 6:43

1 Answer 1

Reset to default
1

You can use OpenSSL to encrypt your information. It supports AES and SHA* algorithms, you don't need to implement them, you just have to use the library at both C and PHP applications.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Also, Qt already includes SSL server socket support using OpenSSL; see dgraves.org/content/qt-notes-working-qsslsocket for example.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.