[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: cgd and remote keys
On 2008-01-05 15:08 +0000 (Sat), Gavan Fantom wrote:
> These things should all have secure protocols for communication,
> especially the bluetooth and IP solutions. Authentication should
> be two-way (and not just based on IP / MAC address) and should be
> resistant to replay attacks. It should also be as resistant as
> possible to somebody obtaining the server as well as the client.
I may be wrong about this, but it seems to me that simply splitting the
key material between the server and client, with each holding only a
part of it, would make all of these precautions needless, or at least
very much less useful.
Curt Sampson <cjs%starling-software.com@localhost> +81 90 7737
Mobile sites and software consulting: http://www.starling-software.com
Main Index |
Thread Index |