Security Aspects of Tinc.

Guus Sliepen guus at sliepen.eu.org
Tue Nov 25 23:35:07 CET 2003


On Tue, Nov 25, 2003 at 02:36:20PM -0600, Shashank Khanvilkar wrote:

> Does Tinc Support the following (I have marked the ans's that I 
> think I know):
> 
> 1. Confidentiality: Yes (Packets are encrypted)

Yes.

> 2. Data-integrity: Yes (using digest: SHA1)

Yes.

> 3. Authentication/Non-Repudiation (Both at the session and data-packet 
> level): Yes 

Authentication yes, Non-Repudiation no (identity of hosts is sent
plaintext).

> 4. Anti-Replay protection: ??

Yes (authenticated sequence numbers, sliding window).

> 5. Forward Secrecy: ??

No (if you can get a private RSA key of a host you can decrypt all
trafic from the past).

> 6. Does it have a user Space Impl: ??

Yes.

-- 
Met vriendelijke groet / with kind regards,
    Guus Sliepen <guus at sliepen.eu.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20031125/edda1ac1/attachment.pgp


More information about the Tinc mailing list