G.3. Detecting tampering
Asymmetric cryptography makes it almost impossible for an unauthorized person to eavesdrop on communication (provided that the private keys are kept safe and are not easy to guess).
However, if an impostor knows the recipient’s public key (which is very likely), then he can use it to insert spurious data in the communication between the sender and the recipient (assuming that the impostor has physical access to the data). We would, of course, like to prevent this, or at least to detect that it has occurred.
A simple approach would be for the sender to take a simple checksum of the data and transmit it along with the data itself. The recipient could also derive its own version of the checksum and compare it with the transmitted ...
Get Applied Enterprise JavaBeans™ Technology now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.