Organizational Research By

Surprising Reserch Topic

Experts Most Trusted Topic


how to create and use nonces


how to create and use nonces  using -'php,actionscript-3,cryptography,nonce'

I am running a website, and there is a scoring system that gives you points for the number of times you play a game.

It uses hashing to prove the integrity of http request for scoring so users cannot change anything, however as I feared might happen, someone figured out that they didn't need to change it, they just needed to get a high score, and duplicate the http request, headers and all.

Previously I'd been prohibited from protecting against this attack because it was considered unlikely. However, now that it has happened, I can. The http request originates from a flash game, and then is validated by php and php enters it into the database.

I'm pretty sure nonces will solve the issue, but I'm not exactly sure how to implement them. What is a common, and secure way of setting up a nonce system?
    

asked Sep 15, 2015 by Efren90Aluh
0 votes
4 views



Related Hot Questions



Walkin Jobs Opening



Government Jobs Opening


...