On 9/18/06, Rafael 'Dido' Sevilla <[EMAIL PROTECTED]> wrote:
Exactly. That's why it's better to have the messages encrypted. But it will only if every sender has its own key. Authentication at some level and encryption at the same time.
But it could be just me. I'm more concerned on who'll be running but that would be OT.
John Peter Loh wrote:
> How about encrypting the SMS message too?
Encryption is not as important as authentication. Since the tallies are
supposed to be public knowledge anyway, it doesn't matter if the message
gets intercepted and read. No one will be able to cheat simply by
reading the messages containing the tallies. What will kill the system
is if someone can insert false messages that are interpreted by the
system as valid, or if someone is able to modify messages before they
are received by the system and have the modified messages accepted as
valid.
Exactly. That's why it's better to have the messages encrypted. But it will only if every sender has its own key. Authentication at some level and encryption at the same time.
But it could be just me. I'm more concerned on who'll be running but that would be OT.
Encryption for this application is a waste of time and effort,
but authentication is absolutely crucial.
--
We must remember that we have more power than our enemies to
worsen our fate.
http://stormwyrm.blogspot.com/
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
[email protected] (#PLUG @ irc.free.net.ph)
Read the Guidelines: http://linux.org.ph/lists
Searchable Archives: http://archives.free.net.ph
--
John Peter Loh
Phone: +13602267476
Web: http://www.jploh.com/
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List [email protected] (#PLUG @ irc.free.net.ph) Read the Guidelines: http://linux.org.ph/lists Searchable Archives: http://archives.free.net.ph
