Could Someone Explain to Me How Works RSA Key in TFS?

[Yan18]

Hello everyone!

Could someone explain to me how works RSA key (private and public) in TFS?

How works the key contained in PEM file?

Why the oldest versions of the TFS (0.x) works in version client lowest than 10.98 and TFS 1.x dosn't works? Appear error of Invalid Token Authentication.

 

[manolete66]

What i think that i know about RSA key (private and public) is that public key is used by the client to CYPHER a part (maybe the full packet, im not sure) of the first exchange packet between client/server which includes the XTEA key. The other part of the key (private key) is used for the server to decypher the XTEA key and since then, the communication between client/server uses this XTEA key to keep a "safe" transfer protocol.

"Why the oldest versions of the TFS (0.x) works in version client lowest than 10.98 and TFS 1.x dosn't works?"

Im learning about how this protocol functions but i suppose that a lot of changes have been made in the protocolgame since TFS (0.x) to TFS 1.x.
I hope that i gived u a idea about how this work (need improve my knowledges more)

 

[Merrok]

In simple terms yes @manolete66

Cryptography - An Introduction

Cryptography Basics Since I see lots of wrong assumptions about what IT-Security actually is and how it is practiced i thought I'd write a "small" thread on the topic to help you make your OT and personal data more secure. Please be aware that i will just talk about basics and not go deeper...

otland.net

That is gonna help you out with understanding the concepts and the maths behind it

Why the oldest versions of the TFS (0.x) works in version client lowest than 10.98 and TFS 1.x doesn't work? Appear error of Invalid Token Authentication.

From what I have tested, It works with any version. There is always an encryption, the issue is that there is basically a default key that is used in OT servers and the private key (which is supposed to be a secret) is public as well as a result of that.
With newer servers of TFS or OTX or whatever you use, you can change them by just exchanging the file (key.pem). In older ones you will need to go into the sources and change it there. Sometimes the public key in the sources as well, depending on the server but yeah (serversided)
Now clientsided, it is always stored in the sources and you will need to change the public key there.
There are already many tutorials and there have been questions on how to do it in the support section. Just use the search function to find them

 

[Lessaire]

TFS 0.4 and TFS 1.x use the same full RSA key, just stored in different formats. So as far as I know, they support the same range of Cip clients.

The servers have the complete key, which means they have the private part. The client only needs the pubkey.

With a pubkey, you can cypher a message that only the holder of the private key can decode. This is how RSA keys are used for passwordless logins over SecureShell for example. The remote server holds your pubkey, and using that issues you a challenge that only as the holder of your private key can decode and respond to.

This format of encryption is also very popular for secure communications, for obvious reasons. Because this encoding is one way. Which means, even with the pubkey, you can't decode messages you just made with it yourself. This is useful for situations where you have a private key you leave on a secure machine at your government/employers office, and you only take your pubkey with you, that way if the files you create while you are away are lost or stolen they are useless to whoever finds them.

Anyway...

 

[platano]

I really like your avatar OP