On Thursday 19 February 2009 17:00:04 Stef wrote: > * Use a key agreement protocol to establish session keys, and then > transfer secrets encrypted while in DBus. > Pros: Simple conceptually. > Cons: Complex practically, need libgcrypt or other crypto library > dependency. I've been toying around with that today. What I got was a simple implementation of the Diffie-Hellman(-Merkle) key exchange. It consists of merely two methods: - openSession is issued by the client and sends the symmetric cipher(s) it wants/understands, its public dh key and an initialization vector (for the symmetric encryption). The server generates its own private key, the symmetric key (using the client's pubkey) and sends its public key back to the client. On completion both sides will be able to generate the symmetric key and thus have a channel to exchange encrypted data (a session). - closeSession is issued by the client if it no longer needs the encrypted channel. Alternatively the server will check if the client vanishes using the session bus and remove it as well. I implemented it so that one DBus client can establish exactly one session with one server at a time. Drawbacks this method has: - The encryption is layered above DBus. I haven't found a way to somehow make this transparent (in Qt). This means based on the protocol specification client and server have to encrypt/decrypt arguments accordingly. (please note that I'm using the notion of a "client" and a "server". In practice one service could be both so each side could initiate an encrypted session). Overall this seems pretty viable. Of course being a KDE guy I implemented this using Qt. Without knowing a lot about glib I assume it would be equally easy to implement there (not for me but for someone who actually knows glib :)). Regards, Michael
Attachment:
signature.asc
Description: This is a digitally signed message part.