help-gnutls
Re: [Help-gnutls] Signing multicast traffic with gnutls API ?


From: Nikos Mavrogiannopoulos
Subject: Re: [Help-gnutls] Signing multicast traffic with gnutls API ?
Date: Thu, 30 Oct 2008 19:56:55 +0200
User-agent: Thunderbird 2.0.0.17 (X11/20080925)

Nikos Mavrogiannopoulos wrote:

>> The easiest solution seems to sign a hash value of every package
>> with an asymmetric public key and check this signature at the
>> receiver/retransmitter.
> Actually you cannot use TLS as a protocol since you don't have peer to
> peer communication to perform a handshake. You could use
> gnutls_x509_privkey_sign_data() and verify_data().

However you must know that replay/reordering attacks and maybe others
are possible, so care must be taken to avoid those if they apply. It
might be better to check if there is already a protocol for signing
broadcasted data, and follow that.

regards,
Nikos
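
The replay/reordering concern raised in the message above, as an added example that is not part of the original e-mail or of GnuTLS: a per-sender sliding-window check on a sequence number. It assumes each packet carries a 64-bit sequence number inside the signed bytes and that the signature has already verified; `replay_state`, `replay_check_and_update` and `REPLAY_WINDOW` are hypothetical names.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define REPLAY_WINDOW 64 /* packets behind the newest that are still accepted */

/* Per-sender receive state (hypothetical struct for this example). */
struct replay_state {
    uint64_t highest; /* highest sequence number accepted so far */
    uint64_t bitmap;  /* bit i set => (highest - i) was already accepted */
    bool started;     /* false until the first packet is accepted */
};

/* Call only after the signature has verified, and only if the signed bytes
 * include seq (assumption). Returns true and records seq if it is fresh;
 * false for a replay or a packet older than the window. */
bool replay_check_and_update(struct replay_state *st, uint64_t seq)
{
    if (!st->started) { /* a receiver that just joined has no history yet */
        st->started = true;
        st->highest = seq;
        st->bitmap = 1;
        return true;
    }
    if (seq > st->highest) { /* newer than anything seen: slide the window */
        uint64_t shift = seq - st->highest;
        st->bitmap = (shift >= REPLAY_WINDOW) ? 0 : st->bitmap << shift;
        st->bitmap |= 1;
        st->highest = seq;
        return true;
    }
    uint64_t offset = st->highest - seq;
    if (offset >= REPLAY_WINDOW)
        return false; /* too old to tell apart from a replay */
    uint64_t bit = (uint64_t)1 << offset;
    if (st->bitmap & bit)
        return false; /* already accepted once: replay */
    st->bitmap |= bit; /* late but new: accept out of order */
    return true;
}

int main(void)
{
    /* Constructed arrival order: in order, reordered, replayed, then a jump. */
    uint64_t seqs[] = { 1, 2, 5, 3, 5, 200, 100 };
    struct replay_state st = { 0 };
    for (size_t i = 0; i < sizeof seqs / sizeof seqs[0]; i++)
        printf("seq %llu: %s\n", (unsigned long long)seqs[i],
               replay_check_and_update(&st, seqs[i]) ? "accept" : "drop");
    return 0;
}
```

The window only detects replays within one sender's stream, so the receiver keeps one `replay_state` per signing key.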
