Client server program for authentication verification in c
1. Client connects to the server.
2. Server sends a 'token' to the Client (based on time probably and whatever)
3. Client returns the username and a sha1 encrypted password, along with the token.
4. Server receives them and authenticates the user to the credentials in the server-side database.
5. The token is now verified and the user is signed in with the token.

Implementation details aren't required, as I am capable of doing the implementation. Security is an issue for me, so I want to be sure I do it right.

Sincerely, Jesse.

Jesse Brands
By the way, great question. Clear, specific, well written, correct grammar, etc.

1. The client connects to the server, sending in the user-name but not password
2. The server responds by sending out a unique random number
3. The client encrypts that random number using the hash of their password as the key
4. The client sends the encrypted random number to the server
5. The server encrypts the random number with the correct hash of the user's password
6. The server compares the two encrypted random numbers

This has a couple of advantages.

Edit: To authenticate each packet without the overhead of encrypting everything, you could do something like this:

1. The server sends its public key with the challenge
2. The client generates a random number, encrypts it with the server's public key, and sends it back with its response
3. The number is the first number used for counter-mode encryption
4. The client includes one counter-mode result with each packet it sends

Counter mode means you just generate consecutive numbers, and encrypt each in turn, using the right key.
Jerry Coffin

Great answer, that was kind of what I was hoping for. Do I have to worry about authentication after these steps? Or can I assume that for the rest of the connection that it's okay.

JesseBrands: It depends on how security conscious you're being. If you really care, you can have the server send its public key along with the challenge, and the client send back a session key encrypted with the public key with its response, then use encryption for the rest of the session.

Aside from logging in to the server, no sensitive data is ever sent from the client or from the server. From there on it's just packets with requests from the client to the server, and responses from the server. In that sense, speed is an issue, which is why I don't want to "oversecure" the connection.

JesseBrands: I've added a bit about one way to have per-packet authentication with fairly minimal overhead.

I made some changes for request the certificate on server-side, the communication works fine and is understood in both sides.

After juggling with the error for one day, I found that the error was because the self-generated CA was not in the trust chain of the machine I was using.
I think the above procedure can be followed for Fedora too. If this does not work, it might be useful to explore the commands like "update-ca-certificates". Hope this will be useful to someone.

As I was saying in comments to one of your previous questions, the fact that you get "Malformed Packet: GSM over IP" or something odd here is normal.
You're using port , which is normally reserved for protocol commplex-main. Therefore, without any extra information, Wireshark tries to analyse the traffic it sees with the commplex-main decoders. Wireshark only guesses the protocol using the port number it sees. You have to tell it to try a different decoder, if you're not using the standard port for that protocol.
More specifically, right click on a packet and choose Decode As
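The six-step challenge-response login from Jerry Coffin's answer above, as an added example that is not part of the original thread. It swaps two details and says so: HMAC-SHA256 stands in for "encrypt the random number", and a salted PBKDF2 hash stands in for the plain password hash; the class and function names and the sample credentials are constructed for illustration.

```python
import hashlib
import hmac
import secrets

def derive_key(password, salt):
    # The "hash of the password" used as the key. PBKDF2 and the per-user
    # salt are this example's assumptions, not something the thread specifies.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Server:
    def __init__(self):
        self.users = {}    # username -> (salt, key); the password is never stored
        self.pending = {}  # username -> challenge still waiting for a response

    def register(self, username, password):
        salt = secrets.token_bytes(16)
        self.users[username] = (salt, derive_key(password, salt))

    def challenge(self, username):
        # Step 2: a fresh, unpredictable random number for every attempt.
        record = self.users.get(username)
        if record is None:
            return None
        nonce = secrets.token_bytes(32)
        self.pending[username] = nonce
        return record[0], nonce

    def verify(self, username, response):
        # Steps 5-6. pop() makes each challenge single use, so a captured
        # response that is sent again finds no pending challenge.
        nonce = self.pending.pop(username, None)
        if nonce is None:
            return False
        key = self.users[username][1]
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)  # constant-time compare

def client_response(password, salt, nonce):
    # Steps 3-4: key the challenge with the password hash and send the result.
    return hmac.new(derive_key(password, salt), nonce, hashlib.sha256).digest()

def demo():
    server = Server()
    server.register("jesse", "correct horse")  # constructed sample credentials
    salt, nonce = server.challenge("jesse")
    good = client_response("correct horse", salt, nonce)
    accepted = server.verify("jesse", good)
    replayed = server.verify("jesse", good)    # same bytes sent a second time
    salt, nonce = server.challenge("jesse")
    wrong = server.verify("jesse", client_response("guess", salt, nonce))
    return accepted, replayed, wrong

if __name__ == "__main__":
    print(demo())
```

The key the server stores is password-equivalent in this scheme: anyone who copies the user table can answer challenges without knowing the password, so that table needs the same protection as the passwords themselves.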