Authenticate messages

[turicas]

Currently Router, Broker, Pipeliner and PipelineManager do not need to authenticate one with each other, so the system is vulnerable by attacks if you do not close your machines using a firewall or something like this. One possible solution is to use HMAC to authenticate messages, like ipython parallel's approach.

Using HMAC is as simple as:

import hmac
import hashlib

def create_hash(secret_key, message, hash_function=hashlib.sha512):
    my_hash = hmac.new(secret_key, message, digestmod=hash_function)
    return my_hash.hexdigest()

Note: we should use SHA-2 (SHA-512, for example) since MD5 and SHA-1 are both broken.

Maybe the project "it's dangerous" by mitsuhiko can helps.