UDP Encryption - Simple and Sorta Safe

Heyo!

I am writing an application in Qt/C++ that creates connections between peers. The first step in my protocol is for a new peer to broadcast its information, soliciting connections from established peers. The location of these peers is unknown.

To do this I am using a UDP Broadcast. Since this broadcast contains information about the peer, I would like it to be encrypted. However, peer authentication happens when a TCP connection is established between peers, so there is still plenty of security beyond the UDP broadcast, but I just don't want to be too easily intercepted and interpreted by a 3rd party.

What I am looking for is a simple way to encrypt the datagram.

Can anyone suggest a reliable method?

Thanks a million!


You can use pretty much any encryption method you want; what is more important/difficult is key distribution.

E.g., if all the clients just use the same symmetric encryption method like AES, then the broadcast information will be encrypted, but anyone who decompiles your client may be able to find out the key.

Have a look at:

How to encrypt and decrypt a file with Qt/C++?


When broadcasting a message to unknown hosts, you will be giving up your IP address and port number. You would have to have a pre-shared key for a broadcast to be meaningful, and as "brain" pointed out, that limits your ability to be secure. If you are feeling sufficiently secure with all clients being able to decrypt as well as anybody who reverses it, then you'll be ok. You can use any symmetric form of encryption and be relatively safe. For the very simplistic, XORing the data could be sufficient in this case.

If you want to be more secure in your broadcast, make your broadcast message a Diffie-Hellman key exchange message. The rest of the exchange after that can be unicast and use different numbers for each client. This would permit a new key for every individual connection. Granted somebody could re-implement your protocols and fake being a peer, but they wouldn't be able to get information from any other peers.
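
The broadcast-then-unicast Diffie-Hellman exchange suggested in the answer above, as an added example that is not part of the original answers. `Peer`, `powmod`, `freshSecret` and the group parameters are hypothetical names and constructed, demonstration-sized values; the exchange is unauthenticated, as the answer notes.

```cpp
#include <cstdint>
#include <random>

// Constructed demo group: p = 2^31 - 1, g = 7. Far too small for real use;
// a deployment would take X25519 or a 2048-bit+ group from a vetted library.
constexpr std::uint64_t P = 2147483647ULL;
constexpr std::uint64_t G = 7;

// Square-and-multiply modular exponentiation. Operands stay below 2^31,
// so every product fits in 64 bits.
std::uint64_t powmod(std::uint64_t base, std::uint64_t exp) {
    std::uint64_t result = 1;
    base %= P;
    for (; exp != 0; exp >>= 1) {
        if (exp & 1) result = result * base % P;
        base = base * base % P;
    }
    return result;
}

// Hypothetical peer: the secret exponent never leaves it, only `pub` is sent.
struct Peer {
    std::uint64_t secret;
    std::uint64_t pub;
    explicit Peer(std::uint64_t s) : secret(s), pub(powmod(G, s)) {}
    // Combine our secret with the other side's public value.
    std::uint64_t sharedWith(std::uint64_t otherPub) const {
        return powmod(otherPub, secret);
    }
};

// Fresh secret exponent in [2, P-2] from the platform entropy source.
std::uint64_t freshSecret() {
    std::random_device rd;
    std::uniform_int_distribution<std::uint64_t> dist(2, P - 2);
    return dist(rd);
}

int main() {
    Peer joiner(freshSecret());                       // joiner.pub goes out in the UDP broadcast
    Peer peerA(freshSecret()), peerB(freshSecret());  // each replies by unicast with its own pub
    // Both ends of a pair compute the same value; it would be fed to a KDF
    // to key the symmetric cipher for that one connection only.
    bool ok = joiner.sharedWith(peerA.pub) == peerA.sharedWith(joiner.pub)
           && joiner.sharedWith(peerB.pub) == peerB.sharedWith(joiner.pub);
    return ok ? 0 : 1;
}
```

An eavesdropper on the broadcast sees only the public values, and each responding peer ends up with a key the other peers do not share.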
