[Ffmpeg-devel] SVN challenge response authentication weaknesses
Michael Niedermayer
michaelni
Mon May 29 19:26:39 CEST 2006
Hi
On Mon, May 29, 2006 at 07:36:02PM +0300, Uoti Urpala wrote:
> On Mon, 2006-05-29 at 17:19 +0200, Michael Niedermayer wrote:
> > > Your new system doesn't have any redundancy in the data stream and so
> > > cannot detect modifications. It might be hard to change a block to a
> >
> > you could add a checksum to each messages (not packet) to protect against
> > that ...
>
> Yes, and then you could just use a secure HMAC for the checksum and skip
> the custom encryption if you don't care about secrecy.
yes but naive HMAC (you didnt specify anything exactly ...) would be
quite vulnerable, you could remove, reorder and duplicate messages as
you like, that combined with the lack of encryption seems like quite
problematic
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
In the past you could go to a library and read, borrow or copy any book
Today you'd get arrested for mere telling someone where the library is
More information about the ffmpeg-devel
mailing list