SQRL Signatures

From SQRLauth.net
Revision as of 15:46, 25 March 2015 by Ramriot (Talk | contribs)

Jump to: navigation, search


Threat Model

Ability of MITM attacker to modify, redact or replay messages between server and client. This safeguard covers protection of the Client=>Server flow protections, for Server=>Client communication flow see Server_MAC.

Assisting Safeguards

All response message sent by server contain entropy as NUT / QRY parameter that effectively renders them unique for the purpose of this safeguard.


Messages from client to server must be protected from being altered or replaced with similar messages.