SQRL Signatures

From SQRLauth.net
Revision as of 15:46, 25 March 2015 by Ramriot (Talk | contribs)

Jump to: navigation, search

Contents

Threat Model

Ability of MITM attacker to modify, redact or replay messages between server and client. This safeguard covers protection of the Client=>Server flow protections, for Server=>Client communication flow see Server_MAC.

Assisting Safeguards

All response message sent by server contain entropy as NUT / QRY parameter that effectively renders them unique for the purpose of this safeguard.

Requirements

Messages from client to server must be protected from being altered or replaced with similar messages.

Methods