ruoso has asked for the wisdom of the Perl Monks concerning the following question:


Today I was talking about a system that I'll probably have to deal with in the near future. This system is stand-alone, running in off-line stations receiving payments. At the end of the day, the system generates a transaction file which is then sent to the server by the available media (floppy disks are one of them)...

These computers are scattered all over the entire state, receiving payments from customers.

The question is: How to make it harder for someone to start running the system on another computer, enter only part of the income and generate a valid transaction file?

UPDATE: All the replies are correct, but don't address the real problem, which is to make it harder for someone to copy the private key or the crypt key with the system to a third computer... how to authenticate the machine itself?


Re: Authentication of off-line application
by samtregar (Abbot) on May 18, 2006 at 20:32 UTC
    Sounds like a job for cryptography. For example, you could have each machine sign its file using a private key. Then the master server can verify the file by checking it with the appropriate public key. Unless the attacker steals the private key from a terminal he can't alter the data.

    A non-public-key crypto approach would be to just encrypt the whole file using a shared-secret like a password entered by the operator or stored on disk.

    If you're new to cryptography I suggest you pick up a copy of Applied Cryptography by Bruce Schneier. It's a very gentle introduction to the field and will help you make an informed decision about what approach to use.


      Before even looking at AC you should look at Secrets and Lies: Digital Security in a Networked World (ISBN 0471453803). Whereas AC explains on a technical level what crypto is and how algorithms work, S&L gives an overview (not quite drool-proof paper marketing glossies level, but comprehensible even by CTOs :) over why it's hard to get it right and why "security" isn't just a simple checkbox on a form that you tick once you put some form of crypto in front of / around / beside your application.

Re: Authentication of off-line application
by Massyn (Hermit) on May 19, 2006 at 05:51 UTC

    Sounds like you need to look at crypto. What you could do: every time the remote site syncs up with the server, the server generates a new key for it, which is then returned to the remote site, and used for the next encryption. The server knows what to expect, since it generated the key. Can you trust the courier in between? Sounds like you may need to do a bit more homework before committing to this one...


         |\/| _. _ _  ._
    www. |  |(_|_>_>\/| | .net
    The more I learn the more I realise I don't know.
    - Albert Einstein
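
The per-sync key rotation suggested in the reply above, sketched as an added example that is not code from the thread. It assumes HMAC-SHA256 as the integrity check in place of "encryption", and `Server`, `seal`, `demo` and the station id are hypothetical names.

```python
import hashlib
import hmac
import secrets


def seal(key, data):
    """Station side: authenticate the day's transaction file."""
    return hmac.new(key, data, hashlib.sha256).digest()


class Server:
    """Holds the single key it currently expects from each station."""

    def __init__(self):
        self.expected = {}  # station id -> key issued at the last sync

    def enroll(self, station_id):
        key = secrets.token_bytes(32)
        self.expected[station_id] = key
        return key

    def accept(self, station_id, data, tag):
        """Return the next key if the file verifies, otherwise None."""
        key = self.expected.get(station_id)
        if key is None or not hmac.compare_digest(seal(key, data), tag):
            return None
        return self.enroll(station_id)  # rotate: the old key is now useless


def demo():
    server = Server()
    k1 = server.enroll("station-17")            # constructed station id
    copied = k1                                  # key copied to a third machine
    day1 = b"2006-05-18;txn=1;amount=100.00\n"   # constructed sample file
    k2 = server.accept("station-17", day1, seal(k1, day1))
    day2 = b"2006-05-19;txn=2;amount=250.00\n"
    partial = b"2006-05-19;txn=2;amount=25.00\n"
    return {
        "day1_ok": k2 is not None,
        # File produced on the other machine with the key from before the sync
        "stale_copy_rejected":
            server.accept("station-17", partial, seal(copied, partial)) is None,
        # Genuine tag, but the file was altered on the way to the server
        "tampered_rejected":
            server.accept("station-17", partial, seal(k2, day2)) is None,
        "day2_ok": server.accept("station-17", day2, seal(k2, day2)) is not None,
    }


if __name__ == "__main__":
    print(demo())
```

A key copied after the most recent sync still verifies until the next rotation, and the replacement key has to travel back to the station over the same courier the reply asks about.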