I can imagine this was asked a couple of times, but a search of "encrypt" within the forum did not provide any results, so i add a posting.
As in V1.1A7 the traffic between client and server is not encrypted and as such might be a potential security risk. (Etherreal shows a lot of plain text).
This _might_ be ok in a LAN but wont work over the public internet. Of cause one can use a vpn or ssh tunnel or anything else. This would add up complexity to the entire setup (i..e how to monitor the ssh or vpn tunnel etc.)
Therefore i suggest to add a simple and basic symmetric encryption like for example blowfish which is fairly secure and easy to implement.
Some thoughts on this:
-When using a common shared symmetric encryption, the keys has to be put on any any client. this means in turn that anyone with access to one client could decrypt any traffic von any othe clients.
-To work around this, the encryption key could be specific to the host and placed in the sql database - defined via the webinterface in the host setup. In this case the question is when to decrypt the data. Would the server_proccess query the sql-database or mainatin a hashtable. If the server has to query the sql-database anyway upon a client requst (which it seems to do), than this should not be a performance issue though.
P.S. Of cause one could use also asymetric encrption (like RSA, DH or upper level protocalls like SSL / TLS) , but this adds some more complexcity to the implementation.
Thoughts ?
As in V1.1A7 the traffic between client and server is not encrypted and as such might be a potential security risk. (Etherreal shows a lot of plain text).
This _might_ be ok in a LAN but wont work over the public internet. Of cause one can use a vpn or ssh tunnel or anything else. This would add up complexity to the entire setup (i..e how to monitor the ssh or vpn tunnel etc.)
Therefore i suggest to add a simple and basic symmetric encryption like for example blowfish which is fairly secure and easy to implement.
Some thoughts on this:
-When using a common shared symmetric encryption, the keys has to be put on any any client. this means in turn that anyone with access to one client could decrypt any traffic von any othe clients.
-To work around this, the encryption key could be specific to the host and placed in the sql database - defined via the webinterface in the host setup. In this case the question is when to decrypt the data. Would the server_proccess query the sql-database or mainatin a hashtable. If the server has to query the sql-database anyway upon a client requst (which it seems to do), than this should not be a performance issue though.
P.S. Of cause one could use also asymetric encrption (like RSA, DH or upper level protocalls like SSL / TLS) , but this adds some more complexcity to the implementation.
Thoughts ?
Comment