[smb at cs.columbia.edu: Skype security evaluation]
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Sun Nov 13 09:56:51 EST 2005
"Marcel Popescu" <Marcel_Popescu at microbilt.com> writes:
>> From: owner-cryptography at metzdowd.com [mailto:owner-
>> cryptography at metzdowd.com] On Behalf Of Peter Gutmann
>
>> I can't understand why they didn't just use TLS for the handshake (maybe
>> YASSL) and IPsec sliding-window + ESP for the transport (there's a free
>> minimal implementation of this whose name escapes me for use by people who
>> want to avoid the IKE nightmare). Established, proven protocols and
>> implementations are there for the taking, but instead they had to go out
>> and try and assemble something with their own three hands (sigh).
>
>Do you have some articles about these protocols? I can't find anything on
>your webpage, and a newbie (like myself) can't distinguish between well
>designed and badly designed protocols. Can you recommend such a collection of
>well designed protocols for various purposes? With implementation caveats if
>possible?
Well, the above text mentions the recommended protocols. You can get YASSL
from http://yassl.com, and the IPsec ESP implementation from
http://ringstrom.mine.nu/ipsec_tunnel/ (although it looks like it hasn't been
updated for awhile, Freshmeat,
http://osx.freshmeat.net/projects/ipsec_tunnel/, seems to have newer info).
My article on problems I found in homebrew VPN implementations is at
http://www.linux-magazine.com/issue/39. If you want to save yourself the
effort of building your own TLS + ESP combination, you can use OpenVPN,
http://openvpn.net/ (and if you've ever had to struggle with IPsec, you should
also consider OpenVPN - unlike IPsec, you can just point it at your target
system and that's it, you don't have to start a new career in network and
server reconfiguration :-).
(actually To be precise OpenVPN doesn't use the ESP format directly (which is
rather IPsec-specific), only the general protocol design:
OpenVPN's security model can be summarized as such: Use the IPSec ESP
protocol for tunnel packet security, but then drop IKE in favor of SSL/TLS
for session authentication. This allows for a lightweight, portable VPN
implementation that draws on IPSec's strengths, without introducing the
complexity of IKE.
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list