[Botan-devel] Quick Tutorial Question

Rachel Blackman seattlesparks at mac.com
Wed Oct 5 15:21:24 EDT 2005


>  - A client can claim to be another client to the server, and either
>      - Start receiving that client's messages, either ignoring them or
>         responding to them blindly
>      - Start sending messages to someone else claiming to be the wrong 
> client

There's already a PK-based challenge/response step at the connection 
and authentication phase, in the design.  The server sends a randomly 
generated challenge, encrypted with the public key of the client 
claiming to connect; the client has to use the appropriate private key 
to decrypt and sign the challenge, sending the signature back as a 
response.

For the sake of the design, I have to assume that the server is 
reasonably trustworthy.  Still, I think the overhead's probably 
manageable for signing each message packet too, and it might be a 
useful additional step.

That said, I probably should work up a way to allow for longer messages 
*anyway*, even if the initial stuff is probably going to be short data 
payloads.




More information about the botan-devel mailing list