
C# AES key exchange scenario: will this be secure?


I'm doing a small report about key exchanges and want to ask if this scenario is secure.

First, I will make a simple server - client based instant chat source.

It will send a class to the server which consists of two fields: sender id, the message, and it will be encrypted by AES. The server will announce the message to the other clients.

Each client will share a key with the server (using Diffie-Hellman key exchange).

Every single client will have a different key compared to the other clients, and the key value will be stored in each client and on the server (the server will keep all the keys for every client).

The first thing I want to ask is, is this possible?

Second, will it be secure?

Third, will there be a smarter way to make a similar effect?


Solution

  • No, it is not secure; it does not protect itself from a man-in-the-middle attack.

    From the information you gave in your question, the clients have no way to verify that they are talking to the real server and not someone pretending to be the server. That fake server could then in turn talk to the real server pretending to be the client. It can then intercept all communications between the two.

    Key exchanges only protect against eavesdropping; you must use something else to verify that the person you are secretly talking to really is the person you think you are talking to.
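One way to add the missing verification step, as an added example that is not part of the original answer: the server signs its ephemeral ECDH public key with a long-term ECDSA identity key, and the client checks that signature before deriving the AES key. It assumes the identity public key ships with the client out of band and that the runtime is .NET Core 3.0 or later; `SignedKeyExchangeDemo` and `ClientDeriveKey` are hypothetical names.

```csharp
using System;
using System.Security.Cryptography;

static class SignedKeyExchangeDemo
{
    // Client side: accept the server's ephemeral ECDH key only if it is
    // signed by the pinned identity key, then derive the shared AES key.
    static byte[] ClientDeriveKey(ECDiffieHellman client, byte[] pinnedIdentity,
                                  byte[] serverEphemeralPub, byte[] signature)
    {
        using var verifier = ECDsa.Create();
        verifier.ImportSubjectPublicKeyInfo(pinnedIdentity, out _);
        if (!verifier.VerifyData(serverEphemeralPub, signature, HashAlgorithmName.SHA256))
            throw new CryptographicException("Server key is not signed by the pinned identity key.");

        using var peer = ECDiffieHellman.Create();
        peer.ImportSubjectPublicKeyInfo(serverEphemeralPub, out _);
        // SHA-256 of the shared secret: 32 bytes, usable as an AES-256 key.
        return client.DeriveKeyFromHash(peer.PublicKey, HashAlgorithmName.SHA256);
    }

    static void Main()
    {
        // Long-term server identity key (assumption: public half is pinned in the client).
        using var serverIdentity = ECDsa.Create(ECCurve.NamedCurves.nistP256);
        byte[] pinned = serverIdentity.ExportSubjectPublicKeyInfo();

        // Honest exchange: the server sends its ephemeral public key plus a signature over it.
        using var serverEph = ECDiffieHellman.Create(ECCurve.NamedCurves.nistP256);
        byte[] serverPub = serverEph.ExportSubjectPublicKeyInfo();
        byte[] sig = serverIdentity.SignData(serverPub, HashAlgorithmName.SHA256);

        using var client = ECDiffieHellman.Create(ECCurve.NamedCurves.nistP256);
        byte[] clientKey = ClientDeriveKey(client, pinned, serverPub, sig);
        byte[] serverKey = serverEph.DeriveKeyFromHash(client.PublicKey, HashAlgorithmName.SHA256);
        Console.WriteLine("Keys match: " + CryptographicOperations.FixedTimeEquals(clientKey, serverKey));

        // A substituted ECDH key (what a fake server would present) does not
        // match the signature, so the client refuses to derive a key from it.
        using var substituted = ECDiffieHellman.Create(ECCurve.NamedCurves.nistP256);
        try { ClientDeriveKey(client, pinned, substituted.ExportSubjectPublicKeyInfo(), sig); }
        catch (CryptographicException e) { Console.WriteLine("Rejected: " + e.Message); }
    }
}
```

This authenticates only the server to the client; the server still needs its own way to identify each client.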