On Fri, Sep 06, 2002 at 12:46:43PM -0400, Bryan Ponnwitz wrote: > I've designed an HR system for the company that I work for and part of > the system is a server application which allows for program updates to > be downloaded, messages to be sent to users and provides the ability to > kick users. For this, I've developed my own protocol running on port > 7282/tcp. Since this server is what I use for authentication, I had to > build some encryption into the protocol so that usernames and passwords > weren't being transmitted cleartext. My question is, how safe am I > using this encryption? I've heard that homegrown encryption is asking > for trouble, but it seems to me that it would be difficult to break it. > In any case, this is the encryption method that this program will use > since it's about to go into production, so please don't suggest > alternatives; I'm only looking to evaluate the method I've developed. > I've outlined my encryption methods bellow; take a look and let me know > how tough you think it would be to crack. Any comments are welcome! [deleted] Since the protocol is seriously flawed, the quality of the encryption algorithm is immaterial. An eavesdropper can recover any users ID and password by snooping the connection for the key and using it to decrypt the ID and password in the next packet. A man-in-the-middle attack is also possible since there is no authentication of the server by the client. So anyone can set up a "server" which sends a key to hapless users who connect to it (or whose connections are steered to it via well known TCP and DNS hijacking techniques), then decrypt the use's ID and password. There are probably other atacks as well; I stopped looking after spotting those. Eric
This archive was generated by hypermail 2b30 : Fri Sep 06 2002 - 14:06:57 PDT