Main Article Content
Public Key Infrastructure (PKI) enhanced file transfer over secure sockets in Linux environment
Abstract
Public Key Infrastructure (PKI) provides an intensive security mechanism for securing data communication over network. Generally transferring a file over a network is not secure if the network is wireless network or it consists of hubs as a networking device. Because then packets are broadcasts to every other computers over the network. A hub does not remember what all devices are attached to it. It just sends the packets to all its ports. Same in case of wireless networks the data packets are broadcasted. In general scenario the data packets are received by only those clients which are supposed to receive it, but it may be happen that a third party too, called “Sniffers” capture or “sniffed” the data packets during file transaction even if they are not supposed to accept it. In this work we try to enhance the security of file transfer by merging file transfer over secure socket along with Public Key Infrastructure (PKI). If we implement file transfer along with asymmetric key cryptography then there is another problem arises, known as man-in-middle attack. This attack exposes the problem of key validity, in which the attacker intercept the first message and sends its own public key to each. By doing this, attacker pretends to be the other person and hence can read the stream of decrypted traffic and can modify it. To provide privacy and security to file transfer we use Secure Socket Layer (SSL) a communication layer protocol.
Keywords: PKI, Secure Sockets, Tunneling, Man-in-Middle Attack, Socket Programming, Packet Sniffer