tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: cgd and remote keys

On 2008-01-05 15:08 +0000 (Sat), Gavan Fantom wrote:

> These things should all have secure protocols for communication,
> especially the bluetooth and IP solutions. Authentication should
> be two-way (and not just based on IP / MAC address) and should be
> resistant to replay attacks. It should also be as resistant as
> possible to somebody obtaining the server as well as the client.

I may be wrong about this, but it seems to me that simply splitting the
key material between the server and client, with each holding only a
part of it, would make all of these precautions needless, or at least
very much less useful.

Curt Sampson       <>        +81 90 7737 
Mobile sites and software consulting:

Home | Main Index | Thread Index | Old Index