Impact of CVE-2014-0160?
Pedro Côrte-Real
pedro at pedrocr.net
Thu Apr 17 01:32:32 CEST 2014
I was looking at this and the NaCl/libsodium APIs seem very clean.
They have some high-level prepackaged crypto constructs that take the
keys and the plaintext and output the cyphertext so that you know you
are using a known good configuration. Sounds like a good way of going
about it.
Pedro
On Wed, Apr 16, 2014 at 10:19 PM, Guus Sliepen <guus at tinc-vpn.org> wrote:
> On Wed, Apr 16, 2014 at 08:08:12PM +0100, Pedro Côrte-Real wrote:
>
>> Would it make sense to move to NaCl/libsodium for the new protocol?
>> Apparently SigmaVPN does this and got good reviews on hacker news:
>>
>> https://news.ycombinator.com/item?id=7599091
>
> Maybe. In the latest commit on the 1.1 branch, tinc uses Ed25519 keys and
> ChaCha-Poly1305. I might use libsodium for this in the future.
>
> --
> Met vriendelijke groet / with kind regards,
> Guus Sliepen <guus at tinc-vpn.org>
>
> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>
More information about the tinc
mailing list