Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses

Re: Authentication of off-line application

by samtregar (Abbot)
on May 18, 2006 at 20:32 UTC ( #550345=note: print w/replies, xml ) Need Help??

in reply to Authentication of off-line application

Sounds like a job for cryptography. For example, you could have each machine sign it's file using a private key. Then the master server can verify the file by checking it with the appropriate public key. Unless the attacker steals the private key from a terminal he can't alter the data.

A non-public-key crypto approach would be to just encrypt the whole file using a shared-secret like a password entered by the operator or stored on disk.

If you're new to cruptography I suggest you pick up a copy of Applied Cryptography by Bruce Schneier. It's a very gentle introduction to the field and will help you make an informed decision about what approach to use.


  • Comment on Re: Authentication of off-line application

Replies are listed 'Best First'.
Re^2: Authentication of off-line application
by Fletch (Chancellor) on May 18, 2006 at 20:47 UTC

    Before even looking at AC you should look at Secrets and Lies: Digital Security in a Networked World (ISBN 0471453803). Whereas AC explains on a technical level what crypto is and how algorithms work, S&L gives an overview (not quite drool-proof paper marketing glossies level, but comprehensible even by CTOs :) over why it's hard to get it right and why "security" isn't just a simple checkbox on a form that you tick once you put some form of crypto in front of / around / beside your application.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://550345]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others romping around the Monastery: (6)
As of 2021-01-23 18:11 GMT
Find Nodes?
    Voting Booth?