Searching \ for '[OT] Signing your messages' in subject line. ()
Make payments with PayPal - it's fast, free and secure! Help us get a faster server
FAQ page: piclist.com/techref/index.htm?key=signing+your+messages
Search entire site for: 'Signing your messages'.

Exact match. Not showing close matches.
PICList Thread
'[OT] Signing your messages'
2012\07\12@190739 by V G

picon face
If you need to send a command to a remote node over an unsecure network
(for example HAM radio), or a network you don't really want to bother
securing, one way to "authenticate" yourself is by GPG-signing your message..

Q: If I send a remote node my GPG-signed message, how would I prevent
someone else capturing that signed message and replicating it over and over
again? One way is to include a counter or something unique in the message
that can only be used once, but is there another way

2012\07\12@200141 by Brendan Gillatt

flavicon
face
On 13 July 2012 00:07, V G <spam_OUTx.solarwind.xTakeThisOuTspamgmail.com> wrote:
> If you need to send a command to a remote node over an unsecure network
> (for example HAM radio), or a network you don't really want to bother
> securing, one way to "authenticate" yourself is by GPG-signing your message.
>
> Q: If I send a remote node my GPG-signed message, how would I prevent
> someone else capturing that signed message and replicating it over and over
> again? One way is to include a counter or something unique in the message
> that can only be used once, but is there another way?
>

2012\07\12@213215 by V G

picon face
On Thu, Jul 12, 2012 at 8:01 PM, Brendan Gillatt <
.....brendanKILLspamspam@spam@brendangillatt.co.uk> wrote:

> Using just message signing you can't. Signing just verifies that the
> origin of the message is you, not how it is passed along to a
> recipient.
>
> If you only want one recipient to get a message's cleartext--and no
> one else--then you need to do encryption, not signing. NB: GPG will
> also do encryption.
>
>
Yes, but one can also record an encrypted message and play it over and over
again.

The only way I can think of is signing/encrypting the message and including
a message number counter on the message. The server and client both keep
track of the message number and increment it each time. If a replayed
message is arrived, it won't be valid because it would have an old message
number.

I assume that if the message is signed and the message number is
manipulated by a third party, the whole message-signature complex will be
detected as invalid by GPG verification

2012\07\12@220925 by Richard Prosser

picon face
Can you do a challenge/response type of thing? ie do you have 2 way comms?

If so you could send a request to the remote device and it sends you a
random string. You hash that and send it back, The remote unit also
hashes the random string and if the two hashes match and the system
has not timed out then it performs the original request. Or something
like that. You just need to make sure the hash algorithms are secured.

RP

On 13 July 2012 13:31, V G <x.solarwind.xspamKILLspamgmail.com> wrote:
{Quote hidden}

>

2012\07\12@223120 by Bob Ammerman

flavicon
face
> Yes, but one can also record an encrypted message and play it over and
> over
> again.
>
> The only way I can think of is signing/encrypting the message and
> including
> a message number counter on the message. The server and client both keep
> track of the message number and increment it each time. If a replayed
> message is arrived, it won't be valid because it would have an old message
> number.
>
> I assume that if the message is signed and the message number is
> manipulated by a third party, the whole message-signature complex will be
> detected as invalid by GPG verification.

Just include a date-time stamp in the message before encryption and signing..

-- Bob Ammerman
RAm Systems

2012\07\12@224514 by Bob Blick

face
flavicon
face
Remember that ham radio transmissions can't be encrypted.

Cheerful regards,

Bob


{Quote hidden}

-- http://www.fastmail.fm - Access your email from home and the web

2012\07\13@012312 by RussellMc

face picon face
> Remember that ham radio transmissions can't be encrypted.

May not be, formally.

But the rules, in at least some  administrations, allow the use of
"modes" which are essentially encrypted by their nature. How well
encrypted is moot. In such cases call sign must be sent in clear text
every xxx.



  Russel

2012\07\16@095402 by Isaac Marino Bavaresco

flavicon
face
Em 13/7/2012 02:22, RussellMc escreveu:
>> Remember that ham radio transmissions can't be encrypted.
> May not be, formally.
>
>  But the rules, in at least some  administrations, allow the use of
> "modes" which are essentially encrypted by their nature. How well
> encrypted is moot. In such cases call sign must be sent in clear text
> every xxx.
>
>
>
>    Russell


Can't you even encrypt a small payload inside the message? For instance
an AES encrypted 16-byte sequence?


Isaac

More... (looser matching)
- Last day of these posts
- In 2012 , 2013 only
- Today
- New search...