Security, cryptography: Stupid Challenge - Response protocol?

前端 未结 4 1917
别跟我提以往
别跟我提以往 2021-02-11 06:02

Ok guys just a small game:

I have some specifications for a project. At some point they ask for the following to encrypt a password over the net, saying that it is a cha

4条回答
  •  醉酒成梦
    2021-02-11 06:34

    You would be able to reverse engineer the password. You want to send the SHA of the password, not the password itself. Rolling your own security protocols is almost never a good idea. Can you not use SSL or something equivalent?

    http://en.wikipedia.org/wiki/Cryptographic_nonce

提交回复
热议问题