Licoln's suggestion is very good, but can be improved by using the hmac construction rather than md5(key, data). The hmac function is documented in http://www-cse.ucsd.edu/users/mihir/papers/hmac.html, or rfc2014. An elegant proof of this is too large to fit in this note. Adam On Fri, Oct 09, 1998 at 07:45:38AM -0800, Michael Blythe wrote: > >Since the referer information comes from the remote client, that doesn't > >prevent malicious destruction. Anyone with netcat or telnet could forge the > >referer field. It requires a little more expertise, but not much. > > In September's 'Web Techniques', Lincoln Stein dicscusses the problem of > using the referer header as an authentication method for CGI scripts. He > suggests using MD5 to check whether a form's fields have been tampered > with. I'm not sure if this would work with the wwwboard, because of the way > the script is passing info in hidden fields, but it will work in other > applications: > > Here's an abbreviated version of his suggestions: > > 1. Choose a secret key. > 2. Decide which form fields should be untamperable. > 3. Optional: put in consistency-checking hidden fields. > 4. Concatenate the key, the form fields, and the consitency-checking fields. > Compute the MD5 hash* and convert it to a hexadecimal string. > 5. Include within the form a new hidden field containing the hash. > 6. When the form is returned to your script, make sure all expected fields > are present, and that > expected values are present in the consistency-checking fields. > Recompute the MD5 hash and > compare it to the one in the form field. If they match, "you can be > pretty sure that the form > hasn't been tampered with." > > > * in perl, the MD5 hash can be computed as follows: > $hash = MD5 -> hexhash(MD5->hexhash ($secret) "@untamperable @consistency"); > > /mb -- "It is seldom that liberty of any kind is lost all at once." -Hume
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:19:12 PDT