Re: Encrypting control channel
 From: Christopher Head <chead@xxxxxxxxxx>
 Date: Tue, 10 Jan 2012 20:34:17 0800
In addition to the good advice given by the prior posters (digital
signature schemes), I note that in your original message, you basically
say that the hardware at each end is fully controlled by you and you
can embed a shared secret into all devices if necessary.
In addition to digital signature schemes, I would urge you to look into
HMACs (Hashed Message Authentication Codes). These are basically the
symmetrickey equivalent to signature schemes: anyone who possesses the
secret key can both create and verify MACs, while anyone who does not
possess the key cannot do this. As long as you assume that both the
broadcaster and the receivers are safe from compromise, this is
perfectly adequate as an attacker trying to modify your data cannot
compute a proper MAC without the key (the same guarantee that a
signature scheme gives you). The difference is that an HMAC is
computationally much cheaper than most asymmetric digital signature
schemes: it consists of nothing more than applying a hash function
twice, whereas digital signature schemes use largeinteger arithmetic.
Chris
On Tue, 10 Jan 2012 22:41:55 +0000 (UTC)
ggr@xxxxxxxxxxxxx (Greg Rose) wrote:
Mostly good advice, except:
In article <k9cpg71lujds3euc2sa749ut649qo25t0d@xxxxxxx>,
Robert Wessel <robertwessel2@xxxxxxxxx> wrote:
In principal, this can be as simple as computing a SHA256 hash of
the object, and encrypting that 256bit hash with a private RSA key,
and transmitting that with the object. The receiver uses the public
RSA key to decrypt the hash, and compares that with a new SHA256 of
the object. So long as the private key remains secret, that works.
You don't "encrypt with the private key". You
*sign* the hash. The recipient *verifies* the
signature. Even in RSA, the only system where the
mathematics looks like it works either way, the
requirements for signing and encryption are very
different.
So, consider this just one of the ways that it's
hard to get this stuff right.
Greg.
.
 FollowUps:
 Re: Encrypting control channel
 From: Don Y
 Re: Encrypting control channel
 From: Peter Gutmann
 Re: Encrypting control channel
 References:
 Encrypting control channel
 From: Don Y
 Re: Encrypting control channel
 From: Robert Wessel
 Encrypting control channel
 Prev by Date: Re: Encrypting control channel
 Next by Date: Re: Encrypting control channel
 Previous by thread: Re: Encrypting control channel
 Next by thread: Re: Encrypting control channel
 Index(es):
Relevant Pages
