Verify Source is Legitimate

Its been a while since I've made one of these.

So basically, I'm remaking the internet in Snap!.
The client makes a request to the server, and the server responds to the client with the requested content. I'm doing this using MQTT.

The problem is, I don't know how to make sure the content the client is receiving is actually from the server requested (a malicious server spoofing responces). I want to solver this problem by doing something like an SSL certificate in Snap!, but I have no idea how I would do that. Any Ideas?

I feel like you should move this to #advanced-topics because, well, it's advanced stuff.


It's for encrypting messages

To begin, you can configure the MQTT broker (server) UNDER YOUR CONTROL to require user and password authentication.

For a free public broker you may use payload signing/encrypting as described

Full-blown PKI/RSA cryptography may be a slight overkill for the intended purpose, but some secret (a key) shared between any two parties can be easily used.
I'm not aware of any ready-made :snap: component to do encryption. but even simple XOR may be suitable.
There are some extra info.

There is a block in dev mode that can get a hex sha512 has. I'm not sure if that's what you mean though.

Not really, but making hash is an important part of signing.
You may look at the Snapcon materials.

I want to do this, but I don't understand how SSL certificates work and how I would build one with the MQTT blocks in Snap!.

Just use "wss://" in broker adres i.e. "wss://" for this particular server.
Test environment >
Certificate signing >

You need to control your own server to enforce authorization and set the legitimated users (ACL).

I don't want to do it from the server, I want to do it in Snap!.

It would probably be better to do it serverside, so users can't just edit the blocks to mess with things.

you verify it both sides.

(deleted, i missed that this is about mqtt)

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.