Rodrigo Garcia <[email protected]> writes: > I see, however the project has already been accepted so i will have to > do it anyway :( > > Maybe i can think not to use random numbers but something to make it > more difficult that a false ciphertext be accepted by other nodes.
Well, the way you avoid this is to do a proper signature. You could do something like SIGN(CONCAT(prefix, router_id, nonce)) and use that as your token. The exact information you use for the signature has to be decided based on your threat analysis, which is why I suggested you take a step back and do one. For instance, you may want to add a timestamp so you can expire signatures after a while. > Thanks, i will use the references to point out the vulnerabilities. Good luck! :) -Toke _______________________________________________ Babel-users mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/babel-users
