Difference between revisions of "SQRL Signatures"

From SQRLauth.net
Jump to: navigation, search
(Created page with "Category:Safeguards")
 
Line 1: Line 1:
 
[[Category:Safeguards]]
 
[[Category:Safeguards]]
 +
=== Threat Model ===
 +
Ability of MITM attacker to modify, redact or replay messages between server and client. This safeguard covers protection of the Client=>Server flow protections, for Server=>Client communication flow see [[Server_MAC]].
 +
=== Assisting Safeguards ===
 +
All response message sent by server contain entropy as NUT / QRY parameter that effectively renders them unique for the purpose of this safeguard.
 +
=== Requirements ===
 +
Messages from client to server must be protected from being altered or replaced with similar messages.
 +
=== Methods ===

Revision as of 15:46, 25 March 2015

Contents

Threat Model

Ability of MITM attacker to modify, redact or replay messages between server and client. This safeguard covers protection of the Client=>Server flow protections, for Server=>Client communication flow see Server_MAC.

Assisting Safeguards

All response message sent by server contain entropy as NUT / QRY parameter that effectively renders them unique for the purpose of this safeguard.

Requirements

Messages from client to server must be protected from being altered or replaced with similar messages.

Methods