[Date Prev][Date Next][Date Index]
[vpn] Security Aspects of Tinc (fwd)
---------- Forwarded message ----------
Date: Tue, 25 Nov 2003 23:35:07 +0100
From: Guus Sliepen <guus@sliepen.eu.org>
Reply-To: tinc@nl.linux.org
To: tinc@nl.linux.org
Cc: Shashank Khanvilkar <shashank@mia.ece.uic.edu>
Subject: Re: Security Aspects of Tinc.
On Tue, Nov 25, 2003 at 02:36:20PM -0600, Shashank Khanvilkar wrote:
> Does Tinc Support the following (I have marked the ans's that I
> think I know):
>
> 1. Confidentiality: Yes (Packets are encrypted)
Yes.
> 2. Data-integrity: Yes (using digest: SHA1)
Yes.
> 3. Authentication/Non-Repudiation (Both at the session and data-packet
> level): Yes
Authentication yes, Non-Repudiation no (identity of hosts is sent
plaintext).
> 4. Anti-Replay protection: ??
Yes (authenticated sequence numbers, sliding window).
> 5. Forward Secrecy: ??
No (if you can get a private RSA key of a host you can decrypt all
trafic from the past).
> 6. Does it have a user Space Impl: ??
Yes.
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus@sliepen.eu.org>
Comments and corrections are appreciated and can be sent to
papers@mia.ece.uic.edu.
Click here for ©opyright information.