I have a client/server application and I'm wondering what is a secure method to implement registration of new clients with the server.
So far, I have the following:
A user downloads the client from them web, and installs it. During the installation the client registers with the server and receives a secret key (certificate). Each following client request is then encrypted / signed with that key.
My question is how to secure the initial transaction? How to make sure that I don't have hackers spoofing registration requests, fooling my server, and using up my server resources?
Thanks