Marking non-sensitive data to prevent submission from external sources, instead of full encryption? (mobile app submitting to a server)

StackOverflow https://stackoverflow.com/questions/17131873

Question

I want to submit non-sensitive data from a mobile app to a server. But I don't want external sources to be able to submit data.

I would like some opinions on whether it's enough to mark the requests with a hash formula.

For example:

MD5(MD5(message)+secretString)

The messages will be unique, and there is a minimum 10-minute interval between submissions from a single source (if a request comes from the same source before this time, it will be rejected). That's why I think it's not worth the effort to go for full encryption of the requests, but since I have no experience in this area I decided to check with the community.

Thanks in advance.

No correct solution

OTHER TIPS

The approach looks good; a few considerations though:

  • the secretString can be extracted pretty easily from the app. The only factor here is the motivation of the attacker.
  • consider replacing MD5 with SHA-1. Although there is no fatal vulnerability in MD5, the change is trivial and more secure.
  • don't use IP addresses for a "single source" protection. Mobile devices pass through carrier networks and share a relatively small IP block.
  • consider adding a unique, incrementing number in the request to avoid replay attacks.

You say you want to submit data to the server, but if you do a hash, the data is no longer recoverable by the server. Not only the attacker but even the server will not know what the data is. Going for encryption is the best way to go about this problem if you want to achieve confidentiality. As mentioned by another user, having a fixed secret string in the app is not doing you any good, as it can be recovered easily. You cannot rely on someone not knowing the "formula"; reversing an app is easier than people think. So security through obscurity is definitely not the way to go. If you want to use a salt, use a secure random number generator, but then you have the additional task of having the same salt at the server to verify (and the server needs to have the message beforehand).
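
An added example, not part of the original question or answers: a server-side check for tagged requests that combines the hash marking from the question with the incrementing counter suggested in the first answer, sending the message in the clear next to its tag so the server can still read it. It uses HMAC-SHA256 from Python's standard library in place of the nested MD5 formula; the key, the field names and the `Verifier` class are assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Constructed demo key. As the answers note, a key shipped inside an app can be
# extracted, so this only filters out submitters who do not hold the key.
SECRET = b"constructed-demo-secret"


def sign_request(client_id, counter, message, key=SECRET):
    """Client side: send the message in the clear together with a keyed tag."""
    body = json.dumps(
        {"client": client_id, "counter": counter, "message": message},
        sort_keys=True, separators=(",", ":"),
    )
    tag = hmac.new(key, body.encode("utf-8"), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


class Verifier:
    """Server side: check the tag, then require a strictly increasing counter."""

    def __init__(self, key=SECRET):
        self.key = key
        self.last_counter = {}  # client id -> highest counter accepted so far

    def accept(self, request):
        body, tag = request.get("body"), request.get("tag")
        if not isinstance(body, str) or not isinstance(tag, str):
            return (False, "malformed")
        expected = hmac.new(self.key, body.encode("utf-8"), hashlib.sha256).hexdigest()
        # Constant-time comparison on bytes: does not leak how much of the tag matched.
        if not hmac.compare_digest(expected.encode("ascii"), tag.encode("utf-8")):
            return (False, "bad tag")
        # Parse only after the tag checks out, so untagged input is never interpreted.
        fields = json.loads(body)
        client, counter = fields["client"], fields["counter"]
        # Key the replay check on the client id in the signed body, not on the IP.
        if counter <= self.last_counter.get(client, -1):
            return (False, "replay")
        self.last_counter[client] = counter
        return (True, fields["message"])
```

The counter is covered by the tag, so a captured request cannot be resubmitted with a different counter without the key.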

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow