A hash-based secure interface on plain connection
暂无分享,去创建一个
This paper proposes a hash-based secure interface between two nodes on the Internet, especial between two interfaces or two web pages. Digital signatures and public-private keys are traditionally used to provide integrity and authentication. This paper proposes an alternative method which uses a shared private key and a public hash function for a message that is sent over a plain connection without losing integrity and authentication. An additional private algorithm is needed when the message has been hashed based on the message and the salt (the shared private key), and the hashed value will be re-computed with the private algorithm to produce a string named as checksum. At the other end, when a message is received with a checksum the same process is followed to produce a new checksum. If the produced checksum is equal to the received checksum, the message is legitimate. For efficiency and reliability, a timestamp and validity period is introduced to the scheme. The salt gets more salty with time included and so does the secure interface.
[1] Adi Shamir,et al. A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.
[2] Hugo Krawczyk,et al. HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.
[3] Xiaoyun Wang,et al. How to Break MD5 and Other Hash Functions , 2005, EUROCRYPT.
[4] Toby Velte,et al. Cloud Computing, A Practical Approach , 2009 .
[5] Martin Cochran. Notes on the Wang et al. 263 SHA-1 Differential Path , 2007, IACR Cryptol. ePrint Arch..