I would like to know if there are any security concerns regarding the way I want to create a secure client-server connection.
NOTE: I know the most obvious answer to this type of question is to just use SSL/TLS, but I would appreciate an answer to my specific case.
My connection protocol is as follows (the following communication is unencrypted plain text):
- client connects to server socket
- server sends a 2048-bit public RSA key to client
- client generates a 256-bit AES key, encrypts it with the received public RSA key, and sends it to server (server decrypts it and obtains the secret AES key)
- client generates a 256-bit HMAC key, encrypts it with a client-embedded public RSA key, and sends it to server (server decrypts it and obtains the secret HMAC key)
- server sends to client the HMAC of the AES key, proving it possesses the private RSA key corresponding to the client-embedded public RSA key, and proving the authenticity of the server
All further communication is encrypted with AES and verified with HMAC.
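The exchange described above, played out by both sides in Go, as an added example that is not part of the original question. It assumes RSA-OAEP with SHA-256 for wrapping the two keys and HMAC-SHA256 for the step-5 proof (the post names neither), and the names `newKey`, `sendWrapped` and `Handshake` are chosen here; it also covers the case where the responding server does not hold the private half of the client-embedded key, so the client's step-5 check fails.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

// newKey makes a 2048-bit RSA key pair (the size named in step 2); GenerateKey
// fails only if the system randomness source is broken, so the error is ignored here.
func newKey() *rsa.PrivateKey {
	k, _ := rsa.GenerateKey(rand.Reader, 2048)
	return k
}

// sendWrapped: the client RSA-OAEP-encrypts key under pub and the server decrypts with priv
// (OAEP/SHA-256 is an assumption). A server with the wrong private key cannot recover the key; modelled as an all-zero guess.
func sendWrapped(pub *rsa.PublicKey, priv *rsa.PrivateKey, key []byte) []byte {
	ct, _ := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil) // 32 bytes always fit
	got, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ct, nil)
	if err != nil {
		return make([]byte, len(key))
	}
	return got
}

// hmacSHA256 is the MAC for the step-5 proof and later traffic (SHA-256 is an assumption).
func hmacSHA256(key, data []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(data)
	return m.Sum(nil)
}

// Handshake plays steps 2 to 5 with in-memory messages. serverSent's public half is what the
// server sends in step 2, identity is the private key the server uses in step 4, and embeddedPub
// is the key compiled into the client. It reports whether the client accepts the step-5 proof.
func Handshake(serverSent, identity *rsa.PrivateKey, embeddedPub *rsa.PublicKey) bool {
	// Step 3: 256-bit AES key, wrapped under the public key received in step 2.
	aesKey := make([]byte, 32)
	rand.Read(aesKey)
	srvAES := sendWrapped(&serverSent.PublicKey, serverSent, aesKey)
	// Step 4: 256-bit HMAC key, wrapped under the client-embedded public key.
	hmacKey := make([]byte, 32)
	rand.Read(hmacKey)
	srvHMAC := sendWrapped(embeddedPub, identity, hmacKey)
	// Step 5: server sends HMAC(hmacKey, aesKey); the client recomputes it from its own copies and compares in constant time.
	return hmac.Equal(hmacSHA256(srvHMAC, srvAES), hmacSHA256(hmacKey, aesKey))
}
```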