Collaborate Disseminate
First, some background: I’ve got a C++-based client/server system that uses the OpenSSL C library to encrypt the client/server connections. This is done in (what I believe is) the canonical OpenSSL fashion; that is to say, … Continue reading Client-only authentication instead of server-only authentication, using OpenSSL
Is it possible with TLS to only authenticate the client? In other words can one-way TLS be setup in such a way that only the host initiating the connection uses a client certificate and the second host in the transaction does… Continue reading Is it possible to setup 1-way TLS client authentication without server certificates?
I have an application running the client/server model and offering an online and an offline mode. Each user can read, create or modify text files (even in offline mode) that will be present on his disk. I want to prevent any … Continue reading How to keep track of file authenticity while offline
I’m a newbie when it comes to information security. So pardon me if the solution can be found at page 12 of any introductory text.
I have an express server and two android apps(for clients and admin). The installed apps will… Continue reading Verifying the authenticity of data coming to a server
How do I implement integrity verification using the checksum of files in a client-server protocol where the client sends multiple files to the server. I am using the following steps:
The client connects to the server and se… Continue reading How to Verify Integrity of Transferred Files in a Client Server Protocol
The “Kitten of Doom” denial-of-service attack is easy to carry out. Continue reading Emoji Attack Can Kill Skype for Business Chat
I have multiple clients who all run state machines and one mediator, who is used by the clients to communicate with each other. Is it possible for the client to proof that a proposed state change is legal/valid, without revil… Continue reading Is it possible to "prove" that a state change in a state machine is valid, without revealing the stat machine?
I have multiple clients who all run state machines and one mediator, who is used by the clients to communicate with each other. Is it possible for the client to proof that a proposed state change is legal/valid, without revil… Continue reading Is it possible to "prove" that a state change in a state machine is valid, without revealing the stat machine?
I have a server application which provides functions to a client program. The client is also programmed by me. Now I want to authenticate the client program itself (not any user) before using my service. I want to achieve tha… Continue reading How to authenticate a specific client program?
Let’s say I created a voting system where each voter would use an app and vote on a candidate. The app would send the vote to a server. The server would store the vote on a DB with the request IP.
Is it possible to implement… Continue reading Prove a client sent a request – voting system