Authentication Using Rotor
Ed Young
ejy712 at comcast.net
Fri Mar 14 17:43:31 EST 2003
I am writing a distributed application in Python which uses
sockets to transfer data. I would like to authenticate the
sender when a socket connection is made.
The best I have come up with so far is to have identical keys
at both the sender and the receiver. The receiver would send
a random integer challenge to the sender. The sender would
encrypt the challenge and return it. The receiver would also
encrypt the challenge integer and compare it with what the
sender returned. If they compare the connection would be
allowed to continue.
The Python supplied encryption module is 'rotor', which I
propose to use for encrypting the challenge. This mechanism
will have to work across all platforms on which Python runs.
Is this a reasonable approach to authentication? Is there a
standard, builtin, or better way to do this? If this is a
resonable approach, any ideas for key generation, or for that
matter generating a truely random challenge integer?
I recognize the need to authenticate, but I haven't quite
figured out how to practically accomplish it yet.
Thank you for your thoughs on this problem...
More information about the Python-list
mailing list