bobsneidar at iotecdigital.com
Mon Apr 6 10:49:09 EDT 2020
Hi Phil. Thanks for the reply.
I’m curious how this client server method handles multiple simultaneous connections? I had the idea of having a listener agent spawn an SQL Agent stack the first time a client connected, that would then listen on a random port. The listener agent would return the random port to the client which would then in the future communicate with the random SQL agent directly. A kind of passive connection if you will. I’m not sure all that is necessary though.
I kept waking up all night thinking of ways to implement the encryption so that even a person with time to decipher the method would not be able to use it in subsequent captures.
Of course, nothing is uncrackable, even Fort Knox, given the time, resources and resolve. The trick to encryption is to make the process of foreign decryption so tedious and time consuming that it isn’t worth the effort.
And of course the reward for the foreign agent has to be considered when determining the level of complexity. There is no hacker in the Ukraine poring over the encrypted packets of my SQL transactions to access my data, so I don’t think I need go to extreme measures! I simply need to be able to reassure the principles of my company that their data is secure in transit.
One more note, to secure passwords that I store in SQL, I encrypt those separately with a different key and seed before creating the SQL. That way, even if someone got physical access to the database, they couldn’t decipher the passwords.
On Apr 5, 2020, at 11:25 PM, Phil Davis via use-livecode <use-livecode at lists.runrev.com<mailto:use-livecode at lists.runrev.com>> wrote:
I created a client-server business system for a client some years ago. It too uses data encryption. What I did on the server side was prep the data for net transfer (base64Encode it as the final prep step, I think), then transfer length(data) & CR & data.
On the client side, the app reads from the socket for 1 line (which goes into a variable, say "X"), then read from socket for X bytes. This keeps it simple - no need for special terminators etc - and seems to always work.
More information about the use-livecode