README
¶
Word of Wisdom
Challenge-response Protocol
Challenge-response protocols involve sending a challenge to a client, which must then compute a response that can be used to authenticate the client to a server. There are various algorithms that can be used to implement challenge-response protocols, depending on the specific requirements of the system.
Word of Wisdom TCP server is using HMAC algorithm to protect the server from the DDOS attack.
Why using HMAC for CRAM?
One commonly used algorithm for challenge-response protocols is the HMAC algorithm, which is a type of message authentication code (MAC) that uses a cryptographic hash function in combination with a secret key to verify the integrity and authenticity of a message. In this algorithm, the server generates a challenge, and sends it to the client along with a secret key. The client then computes an HMAC using the challenge and the secret key, and sends the HMAC back to the server as the response. The server can then verify the response by computing the HMAC using the same secret key and comparing it to the response sent by the client. If the HMACs match, the client is authenticated.
Another reason for using HMAC was because there were not much details in the requirements I received. As a result, I chose the most common and simple algorithm to implement.
Directories