- Subject: random, digest, uuid, cipher & Co
- From: PA <petite.abeille@...>
- Date: Sat, 9 Apr 2005 17:18:26 +0200
Hello,
This is not strictly speaking a Lua question per se, but rather a
request for comment :)
I would like to simulate a public key infrastructure on the cheap for
authentication purposes... for example, two applications communicate
over SMTP and the server would like to authenticate the client...
My current thinking goes along the lines of CRAM-MD5 or APOP, but with a
twist: no shared secret.
(1) Upon a client connection, the server returns a random banner.
(2) The client identifies itself with its host name and a signature. The
signature being the random banner encrypted with the client's private
key.
(3) To validate the signature, the server issues a callback to the
client by looking up its address with a third party (e.g. DNS).
To generate random values, I use a mix of random, md5, uuid and crypto:

    -- digest of a random numeric value becomes the cipher key
    local aKey = md5.digest( aRandomValue )
    local anUUID = uuid.new()
    local aCipher = crypto.blowfish( aKey )
    -- the generated key is the UUID encrypted under that digest
    local aValue = aCipher( anUUID )

The above code generates a key by creating a digest of a random numeric
value (a Mersenne Twister random number). It then creates a UUID. And
finally encrypts that UUID with the random digest using a blowfish
cipher. This results in an 80-character-long hex-encoded key.
Signing a value goes like this:

    local aCipher = crypto.blowfish( aKey )
    local aKeyDigest = md5.digest( aKey )
    local aValueDigest = md5.digest( aValue )
    -- the value is encrypted between the key digest and the value digest
    local aSignature = aCipher( aKeyDigest .. aValue .. aValueDigest )

This creates a cipher with a given key and then encrypts the value. The
value is sandwiched between a key-value digest to add some noise (?) to
it.
To validate a signature, the server calls back the client with both the
original banner value and the signature it has received. The
client can then validate the signature by encrypting the value with its
private key and seeing if it matches.
That's pretty much it.
Is such a scheme fatally flawed? Simple alternatives? Thoughts?
Comments?
Thanks in advance :)
Cheers
--
PA, Onnay Equitursay
http://alt.textdrive.com/
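
The three-step exchange described in the message above, sketched as an added example that is not part of the original post or the poster's code. Python's standard-library HMAC-SHA256 and `secrets` are swapped in for the Blowfish/MD5 construction and the Mersenne Twister value; the `Client` and `Server` classes, the in-memory `directory` (standing in for the DNS lookup and callback) and the `.example` host names are assumptions.

```python
import hashlib
import hmac
import secrets


class Client:
    """Holds a key that never leaves this object (the post's 'private key')."""

    def __init__(self, host):
        self.host = host
        # Assumption: key drawn from the OS CSPRNG instead of MT + MD5 + UUID.
        self._key = secrets.token_bytes(32)

    def sign(self, banner):
        # Step 2: keyed tag over the server's banner (HMAC replaces the
        # Blowfish "sandwich"; this is a MAC, not a public-key signature).
        return hmac.new(self._key, banner, hashlib.sha256).digest()

    def callback_validate(self, banner, signature):
        # Step 3, client side: recompute the tag and compare in constant time.
        return hmac.compare_digest(self.sign(banner), signature)


class Server:
    def __init__(self, directory):
        # Assumption: host name -> Client mapping stands in for resolving the
        # claimed host through a third party and calling it back.
        self.directory = directory
        self.pending = set()

    def banner(self):
        # Step 1: fresh, unpredictable banner, remembered until it is used.
        value = secrets.token_bytes(16)
        self.pending.add(value)
        return value

    def authenticate(self, host, banner, signature):
        if banner not in self.pending:
            return False              # never issued, or already consumed
        self.pending.discard(banner)  # single use: a replayed pair fails
        client = self.directory.get(host)
        if client is None:
            return False              # claimed host cannot be resolved
        return client.callback_validate(banner, signature)


if __name__ == "__main__":
    alice = Client("a.example")       # constructed sample host
    server = Server({alice.host: alice})
    nonce = server.banner()
    print(server.authenticate(alice.host, nonce, alice.sign(nonce)))
```

The server never sees the client's key; what it trusts is the name lookup and the callback path, so the check is only as strong as that lookup.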