undefined | Better HN

0 pointsH8crilA1y ago0 comments

Authentic channel is a channel typically uses digital signatures, or MACs, or something like the Dragonfly protocol used for example in WPA3. As you may know the padlock and alerts in browsers are exactly for that reason, to show that a channel is authentic. The client doesn't authenticate by default, we use passwords/API keys/oauth/etc for that. Though the client actually can, and some services use that.

> Second, it's very hard to imagine authorization on an open channel like radio, without any sort of encryption.

It's easy: you add digital signatures to sign plaintext packets/messages. And now you know they are authentic, and not generated by some random guy that bought a HackRF last week, and is now testing all firmwares that he can find.

0 comments

nextaccountic1y ago

I think the point made is that digital signatures are encrypted messages (eg. you may encrypt a hash of the message using your private key)

2 more replies

j / k navigate · click thread line to collapse

0 comments

nextaccountic1y ago

I think the point made is that digital signatures are encrypted messages (eg. you may encrypt a hash of the message using your private key)

2 more replies

j / k navigate · click thread line to collapse