It turns out the hard part of doing capabilities on the Internet is the lack of a suitable random number generator... which kinda blindsided me. I'm trying to find an implementation of the ISAAC random number generator that would work in either Python, or active server pages, and haven't been able to find one. It's critical to give out unforgeable tokens, and a cryptographically secure random number generator is the way to go. You can't even think of using the built in random generator, because it's too easy for a determined attacker to guess the next output after a short run of samples.
So, eventually I'll find what I want (or be forced to port it myself)... and then I can get back to the examples... which will generate a token consisting of the object, the capability, and a random number to serve as salt to keep from having it forged.
Wish me luck.
Subscribe to:
Post Comments (Atom)
1 comment:
You could salt it with the standard one for now and just allow for an entry point plugin so that if someone wants to use something stronger all they need to do is easy_install the egg and make a config change. Wouldn't just the ability to swap out the engine provide reasonable entropy?
Post a Comment