summaryrefslogtreecommitdiff
path: root/pipermail/pycrypto/2009q1/000060.html
diff options
context:
space:
mode:
Diffstat (limited to 'pipermail/pycrypto/2009q1/000060.html')
-rw-r--r--pipermail/pycrypto/2009q1/000060.html86
1 files changed, 86 insertions, 0 deletions
diff --git a/pipermail/pycrypto/2009q1/000060.html b/pipermail/pycrypto/2009q1/000060.html
new file mode 100644
index 0000000..4017eaf
--- /dev/null
+++ b/pipermail/pycrypto/2009q1/000060.html
@@ -0,0 +1,86 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
+<HTML>
+ <HEAD>
+ <TITLE> [pycrypto] Quick and Easy Email Authentication
+ </TITLE>
+ <LINK REL="Index" HREF="index.html" >
+ <LINK REL="made" HREF="mailto:pycrypto%40lists.dlitz.net?Subject=%5Bpycrypto%5D%20Quick%20and%20Easy%20Email%20Authentication&In-Reply-To=">
+ <META NAME="robots" CONTENT="index,nofollow">
+ <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
+ <LINK REL="Previous" HREF="000059.html">
+ <LINK REL="Next" HREF="000068.html">
+ </HEAD>
+ <BODY BGCOLOR="#ffffff">
+ <H1>[pycrypto] Quick and Easy Email Authentication</H1>
+ <B>David MacQuigg</B>
+ <A HREF="mailto:pycrypto%40lists.dlitz.net?Subject=%5Bpycrypto%5D%20Quick%20and%20Easy%20Email%20Authentication&In-Reply-To="
+ TITLE="[pycrypto] Quick and Easy Email Authentication">macquigg at ece.arizona.edu
+ </A><BR>
+ <I>Sun Feb 1 17:30:21 CST 2009</I>
+ <P><UL>
+ <LI>Previous message: <A HREF="000059.html">[pycrypto] synchronisation 2 computers'databases
+</A></li>
+ <LI>Next message: <A HREF="000068.html">[pycrypto] Quick and Easy Email Authentication
+</A></li>
+ <LI> <B>Messages sorted by:</B>
+ <a href="date.html#60">[ date ]</a>
+ <a href="thread.html#60">[ thread ]</a>
+ <a href="subject.html#60">[ subject ]</a>
+ <a href="author.html#60">[ author ]</a>
+ </LI>
+ </UL>
+ <HR>
+<!--beginarticle-->
+<PRE>Hello,
+
+I'm working on an email authentication system that needs a little more security. The idea is that a sender will include an authentication code in the very first command to request an email session. For example, arizona.edu might include the code 'f33faf76' as in:
+HELO IDf33faf76.mailout09.arizona.edu
+The receiver can then verify that this is not a forgery by getting a DNS record from mailout09.arizona.edu. The simplest way to do this is for arizona.edu to publish that code verbatim, and change it frequently. It won't take long, however, for the crooks to modify their zombies to query the DNS records at the victim domain, and use the same code in their forged HELO commands.
+
+So what we really need in the sender's DNS record is not the actual code, but a public key that can be used to decrypt the code and prove not only that it was generated by the alleged sender, but it was generated recently, like within a few seconds of when the HELO command was sent.
+
+I'm trying to figure out how to do this with PyCrypto, but the API documentation is not much help. It would be nice to have an example showing encryption and decryption using RSA.
+
+Here are the stub functions I'm using:
+def encrypt(plaintext, privkey):
+ return 'f33faf76'
+
+def decrypt(authcode, pubkey):
+ return '315:14:45:03' # day:hour:minute:second
+Help will be greatly appreciated. I'll be glad to help with documentation, once I understand how this package is used.
+
+-- Dave
+
+************************************************************ *
+* David MacQuigg, PhD email: macquigg at ece.arizona.edu * *
+* Research Associate phone: USA 520-721-4583 * * *
+* ECE Department, University of Arizona * * *
+* 9320 East Mikelyn Lane * * *
+* <A HREF="http://purl.net/macquigg">http://purl.net/macquigg</A> Tucson, Arizona 85710 *
+************************************************************ *
+
+
+</PRE>
+
+
+
+<!--endarticle-->
+ <HR>
+ <P><UL>
+ <!--threads-->
+ <LI>Previous message: <A HREF="000059.html">[pycrypto] synchronisation 2 computers'databases
+</A></li>
+ <LI>Next message: <A HREF="000068.html">[pycrypto] Quick and Easy Email Authentication
+</A></li>
+ <LI> <B>Messages sorted by:</B>
+ <a href="date.html#60">[ date ]</a>
+ <a href="thread.html#60">[ thread ]</a>
+ <a href="subject.html#60">[ subject ]</a>
+ <a href="author.html#60">[ author ]</a>
+ </LI>
+ </UL>
+
+<hr>
+<a href="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">More information about the pycrypto
+mailing list</a><br>
+</body></html>
View Lorry Controller Status