# Re: Encrypting control channel

*From*: Christopher Head <chead@xxxxxxxxxx>*Date*: Tue, 10 Jan 2012 20:34:17 -0800

In addition to the good advice given by the prior posters (digital

signature schemes), I note that in your original message, you basically

say that the hardware at each end is fully controlled by you and you

can embed a shared secret into all devices if necessary.

In addition to digital signature schemes, I would urge you to look into

HMACs (Hashed Message Authentication Codes). These are basically the

symmetric-key equivalent to signature schemes: anyone who possesses the

secret key can both create and verify MACs, while anyone who does not

possess the key cannot do this. As long as you assume that both the

broadcaster and the receivers are safe from compromise, this is

perfectly adequate as an attacker trying to modify your data cannot

compute a proper MAC without the key (the same guarantee that a

signature scheme gives you). The difference is that an HMAC is

computationally much cheaper than most asymmetric digital signature

schemes: it consists of nothing more than applying a hash function

twice, whereas digital signature schemes use large-integer arithmetic.

Chris

On Tue, 10 Jan 2012 22:41:55 +0000 (UTC)

ggr@xxxxxxxxxxxxx (Greg Rose) wrote:

Mostly good advice, except:

In article <k9cpg71lujds3euc2sa749ut649qo25t0d@xxxxxxx>,

Robert Wessel <robertwessel2@xxxxxxxxx> wrote:

In principal, this can be as simple as computing a SHA-256 hash of

the object, and encrypting that 256-bit hash with a private RSA key,

and transmitting that with the object. The receiver uses the public

RSA key to decrypt the hash, and compares that with a new SHA-256 of

the object. So long as the private key remains secret, that works.

You don't "encrypt with the private key". You

*sign* the hash. The recipient *verifies* the

signature. Even in RSA, the only system where the

mathematics looks like it works either way, the

requirements for signing and encryption are very

different.

So, consider this just one of the ways that it's

hard to get this stuff right.

Greg.

.

**Follow-Ups**:**Re: Encrypting control channel***From:*Don Y

**Re: Encrypting control channel***From:*Peter Gutmann

**References**:**Encrypting control channel***From:*Don Y

**Re: Encrypting control channel***From:*Robert Wessel

- Prev by Date:
**Re: Encrypting control channel** - Next by Date:
**Re: Encrypting control channel** - Previous by thread:
**Re: Encrypting control channel** - Next by thread:
**Re: Encrypting control channel** - Index(es):