What you are doing seems reasonably sane, except for not checking the parameters (which is going to be a pretty big problem).

Something which is very similar to your design which it might be wise to copy is the Amazon Web Services Request Authentication Scheme (http://docs.amazonwebservices.com/AlexaWebInfoService/1-0/RequestAuthentication).

In particular make sure your encoding scheme for the parameters is unambiguous and invertible; Amazon screwed this up at one point (http://www.daemonology.net/blog/2008-12.html). Learn from their mistakes. :)

Cryptographically speaking, what you are doing is not called a signature but rather a message authentication code (MAC). A MAC can be created and verified by anyone who shares the secret key (the term 'signature' is normally reserved for public key schemes like DSA or RSA). MD5(msg || K) is a known and reasonably sane MAC; I'm not sure if you missed it by accident or on purpose, but a method that seems on the surface to be equivalent, MD5(K || msg), is quite insecure, because a quirk in how MD5 (and most other hash functions) are designed means that if you know H(m) you can easily compute H(m || m2) for any m2 - so if you were using MD5(K || param1=5), someone could pull this off the wire and then create MD5(K || param1=5,param2=666). (It's perhaps a bit more technical than you're interested in, but this is called the length extension property: http://en.wikipedia.org/wiki/Merkle%E2%80%93Damg%C3%A5rd_construction.)

However while MD5(K || msg) is probably 'fine', you are better off using something like HMAC, because it was actually designed as a MAC. MD5 has a lot of problems but nothing directly affecting its use as a MAC (yet - MD4 has been broken in this way). So for future-proofing (and audit-proofing) use HMAC with SHA-1 or SHA-256 instead.

Even if you don't want to pull in a crypto library, HMAC is quite simple and there are known values available for SHA-1 (http://tools.ietf.org/rfc/rfc2202.txt) and SHA-2 (http://tools.ietf.org/rfc/rfc4868.txt) so you can check your code.