Paip. Improved security ----- dynamic key
Author attilax, 1466519819@qq.com
When we transfer data between the two modules, if we are on the public network, we need to sign it ..
MD5 is usually used, and key is used for signature .. common encryption also includes 3DES ..
However, this key is static and it is difficult to prevent brute-force cracking, which may cause great security risks ..
So we need a dynamic key .. It can be changed automatically ..
Change factor. The best thing is time. Because time has been changing.
The following is my implementation
Key = hash (time) // accurate to hour/day, depending on specific requirements
Sign = hash (Data + key)
Send (data, sign)
At this time, the key is fixed within one hour/day. VerificationProgramCheck according to this time period. Once the specified time period expires, the key automatically and dynamically changes ..
..
Of course, the key verification may fail if the key is handed over at the same time .. Therefore, the two modules need time synchronization, and the error is generally within one hour ..
In this case, you can push up for 1 hour, and push down for 1 hour to get a key for verification .. If several keys fail, the verification fails ..
If (checkfail (Data + key ))
{
Tips (check fail );
End ()
}
Pretimekey = hash (time-1)
If (pretimekey = key)
{Tips (check fail );
End ()
}
If (checkfail (Data + pretimekey ))
{
Tips (check fail );
End ()
}
Nexttimekey = hash (Time + 1)
If (nexttimekey = key)
{Tips (check fail );}
}
If (checkfail (Data + nexttimekey ))
{
Tips (check fail );
End ()
}
...... Sometine sucess ........
.............
..............