Re: Algorithm suggestions


David Wagner wrote:

Why don't you just use SSL between the sender and the device?

The sender is a small terminal device that already has a lot
of code on it. The SSL is a OEM add-on that is non-programmable.


I think we may need a little more detail on your security goals
(what are you trying to achieve), your threat model (who is likely
to attack the system, and what capabilities are they likely to have;
to put it another way, who/what are you trying to defend against),
and any economic/performance/other constraints that you may be facing.
That may mean that you may have to think about those some more.

The main security threat is from the operator of the device, so there
are numerous safeguards in place to stop quasi-legitimate data.
Looking over the design, the largest packet is 64 bytes of data.
I expect the number of packets passing between any device
and the server to be around 100 per day at peak usage, so
in theory at least, it could require some time to gather enough
data to reverse engineer an encryption scheme. A major portion
of the encrypted data is binary, so there's also the problem of
recognizing the unencrypted data as correct.

If you're considering taking "shortcuts", you'll need to be pretty darn
confident that you've characterized the threat environment accurately and
that you've understood the risks of the shortcut fully. And whenever
you find yourself inclined to take "shortcuts", you have to be very
careful that you're not just engaging in wishful thinking (as in, gee,
my life would be nicer if there was a simple solution; this is simple and
looks like a possible solution; if it doesn't work, my life is going to
be unpleasant; therefore let's not look too closely at whether it really
will be adequate or not).

I expect that every time someone invents a better lock, people
start working on better lockpicks. I fully expect any system to
be broken, I'd just prefer that the cost of their time and effort is
more than their expected return.

-----
Geoff

.

Relevant Pages

  • Re: More crackergate fallout
    ... death threat was linked to her account. ... It turns out it was Melanie Kroll's husband who sent the threatening ... "Message to chuck: What would you do if Melanie received an email ... My answer is Hell no, if I were PZ, I would not contact the sender and try ...
    (talk.origins)
  • SSL-Alternativen ohne Zertifizierung bzw. PK-Infrastruktur
    ... Ein SSL ohne irgendwelcher Zertifikate bzw. Public-Key-Infrastrukturen. ... Die Vertrauenswürdigkeit von Sender bzw. Empfänger wird an anderer Stelle überprüft. ...
    (de.comp.lang.java)