----- Original Message ----- > From: "George Bonser" <gbon...@seven.com>
> So using multicast for things like software updates to computers over > the general internet to the general public probably isn't going to > work. > Encryption is also an issue because it doesn't really work well over > multicast. How do I encrypt something in a way that anyone can decrypt > but nobody can duplicate? If I have a separate stream per user, that > is > easy. If I have one stream for all users, that is harder. The answer > is probably in some sort of digital signature but not really > encryption. Um, yeah; that'd be private key digital signature. > Using public/private key encryption over multicast, I would have to > distribute the private key so others could decrypt the content. If > they have the private key, they can generate a public key to use to > generate content. > Encryption is probably overkill anyway. What is needed is a mechanism > simply to say that the content is certified to have come from the > source it claims to come from. So ... basically ... better not to use > multicast for anything you really might have any security issues with. > Fine for broadcasting a video, not so fine for a kernel update. Nah; you're overthinking it. Signed updates solve the problem just fine. Note that Linux (SuSE/YAST/YOU) does this already. But you *are* expanding the attack surface, and the signature/PKI infrastructure has to be correspondingly more robust. Cheers, -- jra
