Talk:RSA implementation
From WinBolo
Contents |
RSA page location
I created a new page for RSA stuff, and moved the conversational stuff to this discussion page in an attempt to separate documentation and discussion. Also, you can 'sign' your Wiki discussions by using four tildes (~~~~)
Jhood 16:41, 16 December 2008 (UTC)
Example Process
- Client connects to server, gets put in "verify" stage
- Server sends client a random string of characters
- Client encodes it with it's private key and the server's public key
- Client sends encoded message along with it's public key to server
- Server checks to see if the public key sent by the client is on approved list.
public key is on approved list: server continues with process.
public key is not on approved list: server returns a message saying connection declined, please contact proper authorities to get your client binary approved. - Server decodes the encoded message using the public key supplied by the client.
- Server checks to see if the decoded message equals the original message
Messages are the same: client is allowed to connect to server.
Messages are not the same: server sends message back to client stating something about erroneous keys.
Automatic Generation of Keys
So let's say playerA compiles their own client on Monday and gets it added to the white-list of a server. Then on Tuesday, playerA decides to adjust the source and put a new executable out there to download using the same white-listed public key. What is to stop other players from using this new executable, short of removing that player's public key from the white-list?
Non-Developer Clients
Currently, WinBolo is at version 1.15. You can either play with a pre-compiled client or a client compiled from source. If we implement the above process, that assumes that every client will have the necessary set of keys. That is not currently the case with 1.15. Will there be a new release of 1.16 once RSA is implemented?
John: Yes that is correct. A new 1.16 release will have to be made available.
