Preface

A few days ago I discussed some ideas for preventing impersonation in a complex network environment, one in which attackers may be present, and I have a few interesting ideas to share here. Of course, the easiest way to prevent impersonation is authentication, but passwords, tokens and sessions are essentially the same kind of secret and are all vulnerable to an attacker who captures them. Here is a list of personal considerations.

Application level

If real-time response is not a requirement, you can consider repeated, bidirectional asymmetric encryption:

  1. A periodically sends B a request containing an encrypted seed X, where X is produced by A encrypting a randomly generated original seed Z with A's own private key.
  2. Before A's next request arrives, B attaches a piece of validation data Y to the instruction it sends to A; Y is produced by B decrypting X with A's public key.
  3. After receiving that data, A first decrypts it with B's public key and then checks whether Y is consistent with Z; if it is, A knows that B is the real B.
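The three-step exchange above, as an added example in Go that is not code from the original post. "Encrypting with the private key so that the other side decrypts with the public key" is, in practice, a digital signature, so the example uses ed25519 sign/verify; the names Party, Challenge, Reply and the 32-byte seed length are assumptions made for the example.

```go
package main
import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
)
// Party holds one long-term key pair. The post's "encrypt with the private key,
// decrypt with the public key" is modelled as ed25519 sign/verify (an assumption).
type Party struct {
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func NewParty() (*Party, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Party{Pub: pub, priv: priv}, nil
}

// Challenge is X: the fresh 32-byte seed Z plus A's signature over it.
// Reply carries B's instruction, the echoed seed Y and B's signature over both.
type Challenge struct{ Z, Sig []byte }
type Reply struct{ Instruction, Y, Sig []byte }

// Step 1: A draws a random Z, remembers it, and sends X = (Z, Sig_A(Z)).
func (a *Party) Challenge() ([]byte, Challenge, error) {
	z := make([]byte, 32)
	if _, err := rand.Read(z); err != nil {
		return nil, Challenge{}, err
	}
	return z, Challenge{Z: z, Sig: ed25519.Sign(a.priv, z)}, nil
}

// Step 2: B rejects X unless A signed it, then returns Y = Z plus the instruction, signed by B.
func (b *Party) Respond(aPub ed25519.PublicKey, x Challenge, instr []byte) (Reply, error) {
	if !ed25519.Verify(aPub, x.Z, x.Sig) {
		return Reply{}, errors.New("challenge was not signed by A")
	}
	msg := append(append([]byte{}, instr...), x.Z...) // Z is fixed-length, so instr||Z is unambiguous
	return Reply{Instruction: instr, Y: x.Z, Sig: ed25519.Sign(b.priv, msg)}, nil
}

// Step 3: A accepts only if B's key verifies the reply and Y equals the Z it is waiting for.
func (a *Party) Accept(bPub ed25519.PublicKey, z []byte, r Reply) bool {
	msg := append(append([]byte{}, r.Instruction...), r.Y...)
	return ed25519.Verify(bPub, msg, r.Sig) && bytes.Equal(r.Y, z)
}
```

Because A compares Y against the Z of the current round, a reply signed by a different key, a tampered instruction, or a reply captured from an earlier round all fail the check.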

The physical layer

A dedicated line plus a firewall should be the simplest and most direct physical protection.

Other

If you consider that B itself may be attacked, you can consider splitting B into multiple independent services; A then obtains the instruction from several of them and accepts the value that the majority agree on.