Tcpclient, TcpListener, NetworkStream - Client/Server Security

Posted on 2006-04-13
Last Modified: 2010-05-18
I will be using Tcpclient, TcpListener, NetworkStream for my Client/Server application which will support 200-1000 users (lots of data and lots of bandwith).

The question is what is the best way to handle security?  I want the data from the client to be encrypted and secure when traveling across the network.  What is the best way to achieve this and can you provide some code that will show an example of a basic tcpclient securing data before shooting it off to a server and the tcplistener on the server (multi-threaded if possible) taking the data then unsecuring it so it can read the data.

Thank you.

Question by:Hepen
    LVL 14

    Expert Comment

    I have no sample code for you right now, but what you might do, and what I know have been implemented before:
    (Assuming you build the connection already)

    Sender:EncryptPackage using
    LVL 14

    Accepted Solution


    don.t press tab and space :D heheh

    ok.. continued:

    Sender: Encrypt data using it's own 'secret-sender-encrypt' method
    Receiver: Encrypt data using it's own 'secret-receiver-encrypt' method and sending it back to sender
    Sender: Decrypt using it 'secret-sender-decrypt' method and send to receiver again
    Receiver: Decrypt using it 'secret-receiver-decrypt' method and read it.. this should be the original data..

    You will see this causes more communication, but I think security will always have it's price.

    LVL 14

    Expert Comment

    You might also try out the SSLStream obj:

            Dim client As New System.Net.Sockets.TcpClient()
            Dim myStream As New System.Net.Security.SslStream(client.GetStream())

    you might find this discussion interesting as well:

    Author Comment

    That example is really not that complete. It is just up in the air it seems.

    Also do I have to have a certificate that loads from a file to use the SSLstream?

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    If you're writing a .NET application to connect to an Access .mdb database and use pre-existing queries that require parameters, you've come to the right place! Let's say the pre-existing query(qryCust) in Access takes a Date as a parameter and l…
    Introduction When many people think of the WebBrowser ( control, they immediately think of a control which allows the viewing and navigation of web pages. While this is true, it's a…
    how to add IIS SMTP to handle application/Scanner relays into office 365.
    In this sixth video of the Xpdf series, we discuss and demonstrate the PDFtoPNG utility, which converts a multi-page PDF file to separate color, grayscale, or monochrome PNG files, creating one PNG file for each page in the PDF. It does this via a c…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now