BlogNetworkComms.Net makes it really easy to add pre-shared key (PSK) encryption to secure your data transmissions. In this tutorial we will demonstrate how just 4 extra lines of code are required to enable PSK encryption on a connection. Some considerations that you should also take when using PSK encryption will also be discussed.
Server Side
If you want to be able to decrypt traffic on a specific connection the only line that you have to add, after you’ve got the connection is:
//Set a password to use when encrypted data is received on the Connection connection NetworkCommsDotNet.DPSBase.RijndaelPSKEncrypter.AddPasswordToOptions(connection.ConnectionDefaultSendReceiveOptions.Options, "Your strong PSK");
If a packet is then received on this connection which was sent with PSK encryption, NetworkComms.Net will automatically decrypt the packet using the provided key!
To include the decryption key for all incoming connections you can add the PSK to the global options:
//Set a password to use when encrypted data is received on the Connection connection NetworkCommsDotNet.DPSBase.RijndaelPSKEncrypter.AddPasswordToOptions(NetworkComms.DefaultSendReceiveOptions.Options, "Your strong PSK");
Client Side
On the client side you need to decide whether you want all packets sent over this connection to be encrypted or just for a single send. To send all packets encrypted simply use:
//Add the encryptor to the list of DataProccessors to use by default when sending data on the Connection connection connection.ConnectionDefaultSendReceiveOptions.DataProcessors.Add(NetworkCommsDotNet.DPSBase.DPSManager.GetDataProcessor<RijndaelPSKEncrypter>()); //Set a password to use when encrypted data is sent/recieved on the Connection connection NetworkCommsDotNet.DPSBase.RijndaelPSKEncrypter.AddPasswordToOptions(connection.ConnectionDefaultSendReceiveOptions.Options, "Your strong PSK");
All future packets that are sent will have the payload encrypted from this point. To use encryption on a per send basis
//Clone the default options as a starting point. //We will modify these options and then use them in future sends SendReceiveOptions options = connection.ConnectionDefaultSendReceiveOptions.Clone() as SendReceiveOptions; //Add the encryptor to the list of DataProcessors to use when sending data with these options options.DataProcessors.Add(NetworkCommsDotNet.DPSBase.DPSManager.GetDataProcessor<NetworkCommsDotNet.DPSBase.RijndaelPSKEncrypter>()); //Add the password to the options NetworkCommsDotNet.DPSBase.RijndaelPSKEncrypter.AddPasswordToOptions(options.Options, "Your strong PSK");
Passing these options as an argument to connection.SendObject() or connection.SendRecieveObject() will now result in the packet payload being encrypted.
A few notes of caution should be taken when using PSK in NetworkComms.Net. At the time of writing certain information in the packet header will not be encrypted. This includes the packet type, the size of the packet and the serializer and data processors used to generate the packet. To get around this it is good practise to set the PacketType string to something that does not reveal the context of the data being sent for example “EncryptedPacket”.