[mysql-dde] Re: Internal connection

  • From: "Peter B. Volk" <PeterB.Volk@xxxxxxx>
  • To: <mysql-dde@xxxxxxxxxxxxx>
  • Date: Wed, 21 Dec 2005 00:44:46 +0100

Hey,

Ok, in principle there are 2 types of encryption: symmetric and asymmetric. The
sym. uses the same key for encryption as for decryption. So e.g. the
encryption function is the multiplication. The decryption is then the div.
If you encrypt 7 with the key 5 then the message is 35. To decrypt it you
calculate 35/5 -> 7. The problem with this way is that once you have the key
you can encrypt AND decrypt the messages. The receiver must trust the
message channel the message came from because an intruder could encrypt a
message once he has the key that looks as if the message came from
someone else.

With asymmetric encryption there is a public key and a private key. The
public key is known by all. This key can decrypt messages that were encrypted
with the private key. And only the private key can decrypt a message
encrypted with the public key.

So this is the way the cryptic number would be created:

Each server has a key pair (public and private). S1 sends a query to S2
(named query). So the query is hashed and the hash is then encrypted with
the public key of S2. So number=ENCRYPT_PUB_S2(MD5(SELECT my_hair_color FROM
my_gene_pool WHERE the_right_gene=true) ). The internal query would look
like this: "SELECT /*!DDE_INTERNAL <number>*/my_hair_color FROM my_gene_pool
WHERE the_right_gene=true"

Peter
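
Added example (not part of the original post and not MySQL-DDE code): a sketch of the hint token as a signature check between two servers. It follows the variant quoted below as option 4 (hash signed with the origin server's private key), because a value derived only from S2's public key could be computed by anyone who knows that key. Ed25519 and SHA-256 stand in for the unspecified cipher and MD5, and DemoKeys, Tag and Verify are hypothetical names.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"regexp"
)

// hintRe splits a tagged statement into verb, hex token and the rest of the query.
var hintRe = regexp.MustCompile(`^(\w+) /\*!DDE_INTERNAL ([0-9a-fA-F]+)\*/(.*)$`)

// DemoKeys derives a key pair from a constructed fixed seed (sample only;
// a real server would generate its key with crypto/rand and keep it private).
func DemoKeys(b byte) (ed25519.PublicKey, ed25519.PrivateKey) {
	priv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{b}, ed25519.SeedSize))
	return priv.Public().(ed25519.PublicKey), priv
}

// Tag signs SHA-256(verb + " " + rest) with the origin server's private key
// and places the hex signature in the hint right after the verb.
func Tag(priv ed25519.PrivateKey, verb, rest string) string {
	sum := sha256.Sum256([]byte(verb + " " + rest))
	sig := ed25519.Sign(priv, sum[:])
	return fmt.Sprintf("%s /*!DDE_INTERNAL %s*/%s", verb, hex.EncodeToString(sig), rest)
}

// Verify is the receiving server's check: strip the hint, re-hash the query,
// and accept only a well-formed signature made by the origin's private key.
func Verify(originPub ed25519.PublicKey, stmt string) bool {
	m := hintRe.FindStringSubmatch(stmt)
	if m == nil {
		return false
	}
	sig, err := hex.DecodeString(m[2])
	if err != nil || len(sig) != ed25519.SignatureSize {
		return false
	}
	sum := sha256.Sum256([]byte(m[1] + " " + m[3]))
	return ed25519.Verify(originPub, sum[:], sig)
}

func main() {
	pub, priv := DemoKeys(1)
	stmt := Tag(priv, "SELECT", "my_hair_color FROM my_gene_pool WHERE the_right_gene=true")
	fmt.Printf("%s\naccepted: %v\n", stmt, Verify(pub, stmt))
}
```

The token covers only the query text, so a captured tagged statement verifies again if it is resent; binding a nonce or timestamp into the signed bytes is the usual remedy.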
----- Original Message ----- 
From: "Fabricio Mota" <fabricio.mota@xxxxxxxxx>
To: <mysql-dde@xxxxxxxxxxxxx>
Sent: Tuesday, December 20, 2005 2:41 AM
Subject: [mysql-dde] Re: Internal connection


> Ok! Soon you could teach me how it works...
> FM
>
>
> 2005/12/19, Peter B. Volk <PeterB.Volk@xxxxxxx>:
> >
> > Hey,
> >
> >
> > ----- Original Message -----
> > From: "Fabricio Mota" <fabricio.mota@xxxxxxxxx>
> > To: <mysql-dde@xxxxxxxxxxxxx>
> > Sent: Saturday, December 17, 2005 8:45 PM
> > Subject: [mysql-dde] Re: Internal connection
> >
> >
> > > Hey Guy,
> > > I was thinking a bit more about your idea, in how to complement it putting
> > > security. As I said before, we could use a validation key inside the hint,
> > > able to be validated by any server in cluster, such as:
> > >
> > > *select /* DDE_INTERNAL 3D493062A2B87EFF*/ something more*
> > >
> >
> > Sounds good
> >
> > > The options I've thought are:
> > >
> > > 1) Insert a static key, generated during cluster creation, and known by all
> > > servers to be validated when the command comes. (Weak security, because
> > > malicious users may discover it and use it).
> > >
> > > 2) Validate the connection by the IP number of the client. It's most secure,
> > > but network substitutions/replications may not be seen by system.
> > >
> > > 3) Implement a changeable validation key, that changes itself with a
> > > non-trivial function. All servers will always know when it changes and when
> > > it must change (something like to encrypt a key with the time). This
> > > could be strong, but in the example of time it has a problem if clocks
> > > aren't sufficiently synchronized.
> > >
> > > Any more ideas?
> >
> > 4) Asynchronous Encryption:
> >    The 3D493062A2B87EFF string would contain a hash of the query encrypted
> > with the private key of the origin server. This can then be decrypted by the
> > receiving server and the receiving server can validate the hash.
> >
> > Peter
> >
> >
> > >
> > > 2005/12/17, Peter B. Volk <PeterB.Volk@xxxxxxx>:
> > > >
> > > > Hey,
> > > >
> > > > yes.
> > > >
> > > > Peter
> > > > ----- Original Message -----
> > > > From: "Fabricio Mota" <fabricio.mota@xxxxxxxxx>
> > > > To: <mysql-dde@xxxxxxxxxxxxx>
> > > > Sent: Saturday, December 17, 2005 3:21 AM
> > > > Subject: [mysql-dde] Re: Internal connection
> > > >
> > > >
> > > > > Hey,
> > > > > do Insert/update/delete support hints too?
> > > > >
> > > > > FM
> > > > >
> > > > >
> > > > > 2005/12/14, Fabricio Mota <fabricio.mota@xxxxxxxxx>:
> > > > > >
> > > > > > Hummmmm...
> > > > > >
> > > > > > That sounds very good!
> > > > > >
> > > > > > The only problem we could have to think is to add something more inside
> > > > > > the hint (such as a validation key, encrypted value or something like it) to
> > > > > > ensure that bad intentioned users do not intend to get inside DDE
> > > > > > intestines... haha
> > > > > >
> > > > > > FM
> > > > > >
> > > > > >
> > > > > > 2005/12/14, Peter B. Volk <PeterB.Volk@xxxxxxx>:
> > > > > > >
> > > > > > > Hey,
> > > > > > >
> > > > > > >
> > > > > > > I've been thinking about the internal connection. Actually we can use
> > > > > > > the standard connection and then add a hint to the SQL statement that it is
> > > > > > > an internal connection. So the remote connection query would look like
> > > > > > > this:
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Select /*!DDE_INTERNAL*/something FROM somewhere;
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Like this we would not need to care about modifying the connection
> > > > > > > process.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > what do you think?
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Peter
> > > > > > >
> > > > > > > MySql-DDE discussion list
> > > > > > > www.freelists.org/
> > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > > > --
> > > > > >
> > > > > > Nothing more,
> > > > > >
> > > > > > Fabricio Mota
> > > > > > Oda Mae Brown - Enjoy without moderation.
> > > > > > http://www.odamaebrown.com.br
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > --
> > > > >
> > > > > Sem mais,
> > > > >
> > > > > Fabricio Mota
> > > > > Oda Mae Brown - Aprecie sem moderação.
> > > > > http://www.odamaebrown.com.br
> > > > >
> > > > > MySql-DDE discussion list
> > > > > www.freelists.org/
> > > > >
> > > >
> > > >
> > > >
> > >
> > >
> > >
> >
> >
> >
>
>
>
