security - public key cryptography and authentication for cross-platform network application -

-

i'm developing network based application control , telemetry on linux based embedded system. i'm using zmq network library , google protocol buffers serialization library communication purposes.

i took @ curvezmq there no official binding c++ , not want mess implementation czmq binding. therefore decided not want use curvezmq extension , i want use external library authentication , encryption.

i want apply following security measurements application/system:

  1. "curve" security mechanism, give me strong encryption on data, , (as far know) unbreakable authentication.
  2. client public key authentication.
  3. i appriciate library binding many programming languages because client application going run on many different platforms.

nice have:

  1. curve25519 elliptic curve cryptography (ecc) algorithm.

i believe can encapsulate handshake messages in protocol buffers messages.. so idea establish secure tunnel between server , client , somehow enforce client , server authentication. below can find how unsecure system working , imagine put encryption layer. not have idea how solve authentication issue @ moment.

here big picture of not secure system.

 ______________________                       ______________________ |                      |                     |                      |  application |        client        |                     |        server        |  layer |      application     |                     |      application     | |______________________|                     |______________________|        /\      ||                                   /\      ||        ||      ||                                   ||      ||  ______||______\/______                       ______||______\/______ |                      |                     |                      |  serialization |       protobuf       |                     |       protobuf       |  deserialization |______________________|                     |______________________|  layer        /\      ||                                   /\      ||        ||      ||                                   ||      ||  ______||______\/______                       ______||______\/______ |                      |                     |                      |  transport | zmq_socket.send(...) |-------------------->| zmq_socket.recv(...) |  layer |                      |      (tcp/ip)       |                      | | zmq_socket.recv(...) |<--------------------| zmq_socket.send(...) | |______________________|                     |______________________|      python client                                  c++ server

here how imagine secure system.

 ______________________                       ______________________ |                      |                     |                      |  application |        client        |                     |        server        |  layer |      application     |                     |      application     | |______________________|                     |______________________|        /\      ||                                   /\      ||        ||      ||                                   ||      ||  ______||______\/______                       ______||______\/______ |                      |                     |                      |  serialization |       protobuf       |                     |       protobuf       |  deserialization |______________________|                     |______________________|  layer        /\      ||                                   /\      ||        ||      ||                                   ||      ||  ______||______\/______                       ______||______\/______ |                      |                     |                      |  encryption |      encryption      |                     |      encryption      |  layer |______________________|                     |______________________|        /\      ||                                   /\      ||        ||      ||                                   ||      ||  ______||______\/______                       ______||______\/______ |                      |                     |                      |  transport | zmq_socket.send(...) |-------------------->| zmq_socket.recv(...) |  layer |                      |      (tcp/ip)       |                      | | zmq_socket.recv(...) |<--------------------| zmq_socket.send(...) | |______________________|                     |______________________|      python client                                  c++ server

basically need making system secure. me that?


Comments

Post a Comment

Popular posts from this blog

php - Admin SDK -- get information about the group -

-
please, help. https://www.googleapis.com/admin/directory/v1/groups/106274944935548788283 sending request obtain information group id 1062 ... here link method in google https://developers.google.com/admin-sdk/directory/v1/guides/manage-groups#get_group in response error - 401 unauthorized. oauth authenticate via user has received rights necessary request, included in console admin sdk. authorization successful, there token. not can not understand. if not hard - response. requested information: file_get_contents("https://www.googleapis.com/admin/directory/v1/groups/1062749‌​44935548788283?key=aizasybruhiomdf9nlx9lx3imxwesqmcrnhh4l4"); id group - "106274944935548788283" key applications in case - "aizasybruhiomdf9nlx9lx3imxwesqmcrnhh4l4" error: failed open stream: http request failed! http/1.0 401 unauthorized
Read more

dns - How To Use Custom Nameserver On Free Cloudflare? -

-
i have problem. i own small hosting company. trying add cloudflare site free cdn. problem when sign have change nameservers nameservers. have nameserver dns set through godaddy, how add them cloudflare? main site uses company's nameservers whenever add them site goes offline. when go cloudflare's dns records click on dropdown, click ns, , there's 2 boxes 'name' , 'nameserver'. mean input 'ns1' 'name' , 'ns1.domain.com' 'nameserver'? input server's ip addresses? is there way of accomplishing free version of cloudflare? that impossible. option have custom name servers available on business , enterprise. see https://www.cloudflare.com/plans . also, might mistaken. must change name servers in domain register settings, not on cloudflare.
Read more

Python Error - TypeError: input expected at most 1 arguments, got 3 -

-
can explain why can not use your_name in goal variable? my_name = "bryson" my_age = 29 your_name = input ("what name? ") your_age = input ("what age? ") print ("my name is", my_name,", , am", my_age, "years old.") print ("your name is", your_name,", , are", your_age,".") print("thank buying book,", your_name,"!") goal = input ("what favorite part of book,", your_name, "?") print("awesome!") the error is: goal = input ("what favorite part of book,", your_name, "?") typeerror: input expected @ 1 arguments, got 3 you got error because in fact gave 3 arguments input function when expecting 1 (namely, string prompt). in input ("what favorite part of book,", your_name, "?") ---------------------------------------- , ---------, --- the underlined parts comma-separated arguments: st...
Read more