Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 1. Client connects to server.
- 2. Server sends client it's public key.
- 3. Client encrypts it's hashed password and it's public key with the server's public key and sends these to the server (with HMAC).
- 4. Server checks the HMAC and decrypts the data. It then checks if the user's password is correct.
- 5. Valid Password:
- Server generates a symmetric AES key, encryptes it with the client's public key, and sends it to the client (with HMAC?).
- Client now encrypts all data with this key. Server does the same.
- Invalid Password:
- Server sends some sort of error packet to the client.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement