Secrecy of public keys

Guus Sliepen guus at tinc-vpn.org
Fri Jun 25 21:13:05 CEST 2021


On Thu, Jun 24, 2021 at 10:43:20PM -0700, Sean Whitton wrote:

> In the "Authentication protocol" section of the security page on the
> Tinc website it says:
> 
>     ... there is a man-in-the-middle possible where an attacker that has
>     the public key of the peers can gain control over one side of the
>     communication between two peers. The MITM cannot decrypt messages
>     between peers, but it can send messages to the peer that initiated
>     the connection. If the MITM knows enough about the VPN, it could
>     trick peers into sending it packets that it can decrypt.
> 
> This suggests that knowledge of host public keys should be restricted to
> hosts which will be members of the network, unlike, e.g., OpenSSH host
> keys, the public parts of which are not secrets at all.
> 
> I was wondering whether tinc 1.1 fixes this issue, such that host public
> keys cease to be secrets, and do not need to be handled with extra care
> when it comes to things like configuration management tools?

The public key should of course never have to be kept secret.
The new protocol in tinc 1.1 is not vulnerable to this issue.

Note that both the old and new protocol are designed such that the
public keys are never made public by tinc itself: you couldn't connect
to a tinc daemon and get it to to tell you the public key, unlike say
SSH.

-- 
Met vriendelijke groet / with kind regards,
     Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20210625/f119d5d3/attachment.sig>


More information about the tinc mailing list