Authentication Using Rotor

Ed Young ejy712 at comcast.net
Fri Mar 14 23:43:31 CET 2003


I am writing a distributed application in Python which uses 
sockets to transfer data.  I would like to authenticate the 
sender when a socket connection is made.

The best I have come up with so far is to have identical keys
at both the sender and the receiver.  The receiver would send
a random integer challenge to the sender.  The sender would
encrypt the challenge and return it.  The receiver would also
encrypt the challenge integer and compare it with what the
sender returned.  If they compare the connection would be
allowed to continue.

The Python supplied encryption module is 'rotor', which I 
propose to use for encrypting the challenge.  This mechanism 
will have to work across all platforms on which Python runs.

Is this a reasonable approach to authentication?  Is there a
standard, builtin, or better way to do this?  If this is a
resonable approach, any ideas for key generation, or for that
matter generating a truely random challenge integer?

I recognize the need to authenticate, but I haven't quite 
figured out how to practically accomplish it yet.

Thank you for your thoughs on this problem...




More information about the Python-list mailing list