Securely send Pub key over socket & reduce MITM risk

To securely send a public key over socket and reduce the risk of a Man-in-the-Middle (MITM) attack, one can implement a custom padding scheme that includes extra bytes and a delimiter known only to the sender and receiver.

The idea is to pad the public key with extra bytes and a specific delimiter. This padding will help obscure the actual content of the public key, making it less recognizable to potential attackers. The sender and receiver must agree on the padding scheme beforehand.

Further to increase the obfuscation , it is recommended that the resulting padded public key is further cyclically xor-ed. Further , to make it more relevant , the padding instead of dummy bytes could include a verifiable token to establish sender as genuine

The under discussion scheme isn’t ultimate / fool proof but adds a level of difficulty for MITM attacker. Here is a python snippet on how this can be done

import os

def xor(public_key: bytes, key: int=245) -> bytes:
    return bytes([b ^ key for b in public_key])

def cxor(public_key: bytes, xorkey: bytes = b"ABCDEF") -> bytes:
    return bytes([b ^ xorkey[i % len(xorkey)] for i, b in enumerate(public_key)])

def pad_public_key(public_key: bytes, pad_length: int = 16, delimiter: bytes = b'??') -> bytes:
    padding = os.urandom(pad_length)
    padded_key = padding + delimiter + public_key + delimiter + padding
    return cxor(padded_key)

def extract_public_key(padded_key: bytes, delimiter: bytes = b'??') -> bytes:
    padded_key = cxor(padded_key)
    parts = padded_key.split(delimiter)
    if len(parts) > 1:
        return parts[1] 
    else:
        return None

# Example usage
public_key = b'MyPublicKey1234567890223fwefrwer24231313$#$#%#^#^'
print (f"Start public key : {public_key}")

padded_key = pad_public_key(public_key)
print("Padded Public Key:", padded_key)

extracted_key = extract_public_key(padded_key)
print("Extracted Public Key:", extracted_key)