Re: Can somebody point me in the right direction?
- From: Paulo Marques <pmarques@xxxxxxxxxxxx>
- Date: Fri, 23 May 2008 14:37:32 +0100
notreal@xxxxxxxxxxx wrote:
[...]
Thank you for your input. Do you see any flaws in my approach?
It just seems slightly cumbersome :)
Let's try to define something more concrete:
You say you want 10 character strings, so if we assume you'll be using something like base 64, this gives 60 bits of information. With one more character (or an alphabet larger than 64 chars) you could round this to 64 bits, to be able to use more standard encryptions (like Triple-DES).
With a 64 bit "message" you could do something like:
[40 bit magic number][4 bit information][20 bit counter]
then take this message and encrypt with a private key only known by both "black boxes".
The second black box can take the message decrypt it and test the magic number. If it is the same as expected then the message was generated by the first black box.
This will give you a 1 / 2^40 probability of a random message being interpreted as valid (it is actually slightly better because the "information" field might have invalid values giving an extra 10/16 resilience).
If this is enough or not will depend on your threat model...
--
Paulo Marques
Software Development Department - Grupo PIE, S.A.
Phone: +351 252 290600, Fax: +351 252 290601
Web: www.grupopie.com
"God is love. Love is blind. Ray Charles is blind. Ray Charles is God."
.
- References:
- Can somebody point me in the right direction?
- From: notreal
- Re: Can somebody point me in the right direction?
- From: Gordon Burditt
- Re: Can somebody point me in the right direction?
- From: notreal
- Can somebody point me in the right direction?
- Prev by Date: Data
- Next by Date: Re: Can somebody point me in the right direction?
- Previous by thread: Re: Can somebody point me in the right direction?
- Next by thread: Re: Can somebody point me in the right direction?
- Index(es):
Relevant Pages
|
