Re: Difference between CryptEncryptMessage EncryptMessage(Negotiat



Eric wrote:
Very generically, in absence of context, the former is meant to encrypt data
for some entity for which you have a cert (only uses crypto) and works
offline, the latter can only be used between a client and a server after they
have established a security context using
InitializeSecurityContext/AcceptSecurityContext.

Eric, thank you very much for your answer! It is hard to find an expert
for such special security questions - so I'm happy that you answered
me.
Perhaps you can tell me your opinion about the following questions:
What is the best and most secure way to send data from a client to a server
in Windows XP Pro? My idea: My client software is a service that collects
some information and creates a local Named Pipe (the service
writes the collected and encrypted information there). The server software
reads from this Named Pipe via CreateFile(\\Client\PipeName). The
client doesn't connect to the server - I think that this way I avoid a lot of
security flaws. But the client could be cracked or replaced, and I
cannot check whether the information from the Named Pipe really comes from
my client.
Perhaps the client should send the data via EncryptMessage or (secure)
RPC to the server software. It would be great if an administrator
doesn't have to change the network settings to run my software (open new ports,
activate OS services) - I think my solution based on Named Pipes will
work in most networks because Named Pipes have the fewest
requirements.

Mario
