The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,737 other followers

Research notes on Diffie Hellman over WebSockets over a MittM http proxy to setup an encapsulated secure channel

Posted by jpluimers on 2015/06/17

Inspired by CloudFlare Keyless SSL, I have this idea of using Diffie Hellman over WebSockets over a MittM based http proxy (which intercepts and decrypts HTTPS traffic) like mitmproxy (but them from a commercial vendor to inspect web traffic) to setup an encapsulated secure channel.

I know SSH uses Diffie Hellman to setup a secure channel over a binary TCP connection.

Binary communication over HTTP usually means WebSocket.

I don’t want WebSSH (which does use WebSockets, but is probably filtered by the MitM proxy anyway).

Maybe either of these open source tools will work:

If these don’t work, I need to do more research.

Since I use C# and .NET for much of my work, I started the WebSocket over HTTP C# query.

c# – How to use proxies with the WebSocket4Net library – Stack Overflow.

–jeroen

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

 
%d bloggers like this: