[nycphp-talk] Tamperproof URLs and PHP slides posted
Nick Galbreath
nickg at modp.com
Wed Dec 12 13:09:47 EST 2007
Hi yah,
re: Chris and public/private key pairs.
In your solution/example, anyone with the public key can talk to the server.
Since anyone with the public key can then forge messages, somehow you have
to "hide" the public key. This isn't any different from using plain old
secret keys as he did originally. Even if you flipped it around somehow and
the server minted key-pairs for each client downloaded (good luck),
there's the same problem of hiding the private key on the client. This does
make communicating back to the server 'secure' in that people can't see what
is being transmitted, but it doesn't prevent forgeries, which is what I think the
original issue was about.
The SSL example is solving a different problem of how two parties without a
shared secret can communicate securely without snoopers.
cheers,
-nickg
On 12/12/07, csnyder <chsnyder at gmail.com> wrote:
>
> On Dec 12, 2007 10:32 AM, John Campbell <jcampbell1 at gmail.com> wrote:
>
> > Initially the scores were sent as a simple post request, e.g.
> > name=john&score=1000. This is a problem because it is trivial to
> > forge the request. So my solution was to create the post request as
> > follows:
> >
> > name=john&score=1000&checksum= . md5(md5("My secret") . name . score)
> >
> > on the server side, I can verify the checksum.
> >
> > This works well enough, but an enterprising hacker can download my swf
> > file and run `strings game.swf` to extract "My secret", and then they
> > can forge the request. Is there any cryptography method that
> > guarantees the request is coming from my code?
> >
>
> Yes there is, John, but you may need to seriously consider whether
> implementation is worth it.
>
> You can use a public/private key pair to perform asymmetric
> encryption. That means that a value encrypted using one key can only
> be decrypted using the other. This is the encryption scheme used for
> SSL, where your browser uses the server's public key (aka Certificate)
> to encrypt the request.
>
> So you would use the game's public key to encrypt hash-of-score:random
> on the client side. And then on the server, you would use the game's
> private key to decrypt the value and check the hash.
>
> Your tasks, should you choose to go this route, are to find an RSA
> implementation in ActionScript to perform the encryption, and to use
> PHP's OpenSSL support to perform the decryption. I'm pretty sure the
> first task is going to be tougher than the second unless Adobe
> provides an API in the Flash player.
>
> --
> Chris Snyder
> http://chxo.com/
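An added example, not part of the thread and not any poster's code: a PHP sketch of the server-side check for the checksum scheme quoted above, run against three constructed requests. The function names and sample values are assumptions made for illustration.

```php
<?php
// Added example: function names and sample values are constructed.

// The checksum from the quoted post: md5(md5(secret) . name . score).
function score_checksum(string $secret, string $name, string $score): string
{
    return md5(md5($secret) . $name . $score);
}

// Server-side verification of a submitted score request.
function verify_score(string $secret, array $post): bool
{
    foreach (['name', 'score', 'checksum'] as $field) {
        // Reject missing fields and array values (e.g. sent as name[]=...).
        if (!isset($post[$field]) || !is_string($post[$field])) {
            return false;
        }
    }
    $expected = score_checksum($secret, $post['name'], $post['score']);
    // hash_equals() compares the two strings in constant time.
    return hash_equals($expected, $post['checksum']);
}

// The server's copy of the secret. The same string has to ship inside
// the client (game.swf in the thread) for the client to compute checksums.
$secret = 'My secret';

// Case 1: request built by the game client itself.
$fromGame = ['name' => 'john', 'score' => '1000'];
$fromGame['checksum'] = score_checksum($secret, 'john', '1000');

// Case 2: the same request with one field changed and the checksum left alone.
$edited = $fromGame;
$edited['score'] = '999999';

// Case 3: request built by a different program that holds the same secret.
$fromElsewhere = ['name' => 'john', 'score' => '999999'];
$fromElsewhere['checksum'] = score_checksum($secret, 'john', '999999');

$cases = [
    'built by the game'            => $fromGame,
    'edited, checksum not updated' => $edited,
    'built elsewhere, same secret' => $fromElsewhere,
];
foreach ($cases as $label => $post) {
    $verdict = verify_score($secret, $post) ? 'accepted' : 'rejected';
    printf("%-30s %s\n", $label, $verdict);
}
```

The check catches a request whose fields were changed without the secret, but it has no way to tell the first and third cases apart: it verifies possession of the secret, not which program computed the checksum.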