Re: Encryption scheme using RSA
- From: Dominick Baier <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 10 Jan 2008 14:58:25 +0000 (UTC)
fair enough. In this case your scheme looks good to me.
-----
Dominick Baier (http://www.leastprivilege.com)
Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)
here are some more details which explain our choices:
suppose there is no way for an attacker to perform active attacks
(man-
in-the-middle, connection hijacking, setting up a spoofed server,
etc.). The only thing he can do is to sniff the network traffic,
trying to steal passwords for a later use.
My schema is intended to prevent this only risk, nothing more. So I
have only been careful about:
- the password bits which travels on the network must be encrypted;
- on every new connection, bits which are exchanged during
authentication must be completely different, in order to prevent
replay attacks
We are trying to implement a minimum effort solution in order to raise
a bit the security level of the system. More standard and powerful
solutions are currently unfeasible because of several reasons (tight
deadlines, concerns about speed of execution, and also some politics).
Thanks for any other comment you can give
On Jan 9, 1:43 pm, Dominick Baier
<dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
How do you want to protect the clients against spoofed servers? In
other words - there are no server authentication bits in your scheme.
Why don't you simply wrap the whole (clear text) protocol in an
SslStream?
-----
Dominick Baier (http://www.leastprivilege.com)
Developing More Secure Microsoft ASP.NET 2.0 Applications
(http://www.microsoft.com/mspress/books/9989.asp)
Hi,
in my company we are using a proprietary clear text protocol to do
the communication between client and server for a product of ours.
The protocol requires authentication, but login and password pass on
the network in clear text.
We want to modify the protocol in order to protect at least the
password. The scheme we invented is the following:
- CLIENT connects
- SERVER generates an RSA key pair and sends the private key to
CLIENT
- SERVER generates a random number and sends it to CLIENT
- CLIENT obfuscate the password bits using the random number ( in a
reversible way!), encrypt the result with the public key and sends
the encrypted stuff to SERVER
- SERVER decrypts with private key, un-obfuscate and obtain the
password of CLIENT.
- SERVER validate the password and allows/denies access
I know it not a standard way to use asymmetric encryption, but I
would like to hear from you what the main flaws are in this idea.
Thanks in advance
jaqq
.
- References:
- Re: Encryption scheme using RSA
- From: gianluca . ortelli
- Re: Encryption scheme using RSA
- Prev by Date: Re: Encryption scheme using RSA
- Next by Date: Re: Encryption scheme using RSA
- Previous by thread: Re: Encryption scheme using RSA
- Next by thread: Re: Encryption scheme using RSA
- Index(es):
Relevant Pages
|
