Next Previous Contents

2. Encrypted/Authenticated Wrapper

When the Maui Scheduler is listening on a socket for client requests, it expects that the communication is encrypted using a secret key (stored in the maui.key file). If the message received can be decrypted then we can assume that the sender has the same secret key, and thus we have authenticated the message. The security of the whole system depends on the trustworthiness of the setuid client code and the integrity of the secret key file.

The wrapped protocol is the string XMIT00 followed by 4 bytes indicating the length of the encrypted part which follows stored in big-endian format. The rest of the message is the encrypted output of the Blowfish block cipher, specifically the Cryptix implementation. And the encryption/decryption wrapper routines used in the Maui Scheduler is in the unm.maui.misc.CryptixWrapper class.

This same wrapping protocol is also used for communication between scheduler and node daemons, although they use a different (and so far undocumented) form of communication.


Next Previous Contents