Secrecy of public keys

Sean Whitton spwhitton at spwhitton.name
Fri Jun 25 07:43:20 CEST 2021


Hello,

In the "Authentication protocol" section of the security page on the
Tinc website it says:

    ... there is a man-in-the-middle possible where an attacker that has
    the public key of the peers can gain control over one side of the
    communication between two peers. The MITM cannot decrypt messages
    between peers, but it can send messages to the peer that initiated
    the connection. If the MITM knows enough about the VPN, it could
    trick peers into sending it packets that it can decrypt.

This suggests that knowledge of host public keys should be restricted to
hosts which will be members of the network, unlike, e.g., OpenSSH host
keys, the public parts of which are not secrets at all.

I was wondering whether tinc 1.1 fixes this issue, such that host public
keys cease to be secrets, and do not need to be handled with extra care
when it comes to things like configuration management tools?

Thanks!

-- 
Sean Whitton


More information about the tinc mailing list