efficiency?? vs security with symmetric crypto? (Re: Tinc's response to "Linux's answer to MS-PPTP")
Adam Back
adam at cypherspace.org
Fri Sep 26 18:28:13 EDT 2003
What conceivable trade-offs could you have to make to get acceptable
performance out of symmetric crypto encrypted+authenticated tunnel?
All ciphers you should be using are like 50MB/sec on a 1Ghz machine!!
If you look at eg cebolla (more anonymity than VPN, but it's a nested
forward-secret VPN related thing) it's even possible to do pretty
immediate forward secrecy every second or something at minimal CPU
cost. (I'll read the writeup but that trade-off argument sounds very
wrong.)
Adam
On Fri, Sep 26, 2003 at 12:12:03PM +0200, Guus Sliepen wrote:
> Hello Peter Gutmann and others,
>
> Because of its appearance on this mailing list and the Slashdot posting
> about "Linux's answer to MS-PPTP", and in the tinc users' interest, we
> have created a section about the current security issues in tinc, which
> currently contains a response to Peter Gutmann's writeup:
>
> http://tinc.nl.linux.org/security
>
> I want to emphasize for the cryptography community here that certain
> tradeoffs have been made between security and efficiency in tinc. So
> please read the response as "why we think we need to do/used to do it
> this way" instead of "why we think tinc is still as secure as anything
> else". Comments are welcome.
>
> --
> Met vriendelijke groet / with kind regards,
> Guus Sliepen <guus at sliepen.eu.org>
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list