Home arrow JavaScript arrow Building a CHAP Login System: Coding Server-Side Random Seeds
JAVASCRIPT

Building a CHAP Login System: Coding Server-Side Random Seeds


Welcome to the second part of “Building a CHAP login system.” In three parts, this series introduces the basics of building a web-based login system that uses the Challenge Handshake Authentication Protocol (hence the CHAP acronyms), explaining its benefits, and exploring its implementation.

Author Info:
By: Alejandro Gervasio
Rating: 5 stars5 stars5 stars5 stars5 stars / 23
September 06, 2005
TABLE OF CONTENTS:
  1. · Building a CHAP Login System: Coding Server-Side Random Seeds
  2. · Stepping back: a quick look at the previous CHAP login system
  3. · Moving forward: Improving the random seed generator
  4. · Refactoring the CHAP login system: Adding functionality to the JavaScript program

print this article
SEARCH DEVARTICLES

Building a CHAP Login System: Coding Server-Side Random Seeds
(Page 1 of 4 )

Introduction

In the previous part of the series, I provided you with core concepts related to client-side data encryption, through the implementation of the MD5 hashing algorithm in JavaScript. I also provided you with the basic requirements for building a login system, which offers a greater level of security compared to the vast majority of such systems found on the Web that usually transmit data in an unencrypted way.

At this point, hopefully you’ve understood the advantages and drawbacks of working with user-provided data, which is hashed in the client domain, and later transmitted for authentication on the server. As I previously discussed in the first part of the series, the most significant benefit of implementing such as system is obviously the fact that data encryption is performed via JavaScript, without the need to look at other solutions, such as https.

On the other hand, the use of JavaScript as the core encryption method reveals the strong dependency on scripting-enabled browsers for this technique to be successfully implemented. As you can see, good things come at a cost, and this one is no exception.

With the key concepts well understood, over this second part, attention will be turned to the server side, where authentication takes place. For this purpose, I’ll be illustrating some methods for generating random seeds, ranging from simple semi-random string generators to slightly more complex procedural approaches. Since all of the server source code will be developed in PHP, it shall be extremely easy to adapt it to working with the language of your choice.


blog comments powered by Disqus
JAVASCRIPT ARTICLES

- Project Nashorn to Make Java, JavaScript Wor...
- JavaScript Virus Attacks Tumblr Blogs
- Google Releases Stable Dart Version, JavaScr...
- Khan Academy Unveils New JavaScript Learning...
- Accessing Nitro? There`s an App for That
- JQuery 2.0 Leaving Older IE Versions Behind
- Fastest JavaScript Engine Might Surprise You
- Microsoft Adjusting Chakra for IE 10
- Brendan Eich: We Don`t Need Google Native Cl...
- An Overview of JavaScript Statements
- An Overview of JavaScript Operators
- Overview of JavaScript Variables
- More of the Top jQuery Social Plugins
- The Top jQuery Social Plugins
- More of the Top jQuery Slider Plugins

Watch our Tech Videos 
Dev Articles Forums 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Weekly Newsletter
 
Developer Updates  
Free Website Content 
Contact Us 
Site Map 
Privacy Policy 
Support 

Developer Shed Affiliates

 




© 2003-2017 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap
Popular Web Development Topics
All Web Development Tutorials