--- gvpe/doc/gvpe.5.pod 2008/09/01 05:31:28 1.8 +++ gvpe/doc/gvpe.5.pod 2013/07/10 01:53:33 1.11 @@ -14,7 +14,7 @@ =over 4 -=item X +=item Virtual Virtual means that no physical network is created (of course), but a network is I by creating multiple tunnels between the member @@ -24,7 +24,7 @@ network is the Internet. However, using a VPN system like GVPE to connect nodes over other untrusted networks such as Wireless LAN is not uncommon. -=item X +=item Private Private means that non-participating nodes cannot decode ("sniff)" nor inject ("spoof") packets. This means that nodes can be connected over @@ -36,7 +36,7 @@ send to other nodes or spoof packets as if sent from other nodes, so communications between any two nodes is private to those two nodes. -=item X +=item Network Network means that more than two parties can participate in the network, so for instance it's possible to connect multiple branches of a company @@ -52,7 +52,7 @@ =head2 GVPE DESIGN GOALS -=over 4 +=over 4 =item SIMPLE DESIGN @@ -119,8 +119,8 @@ Minimize the header overhead of VPN packets (the above will result in only 4 bytes of overhead over the raw ethernet frame). This is a insecure -configuration because a HMAC length of 4 makes collision attacks based on -the birthday paradox pretty easy. +configuration because a HMAC length of 4 makes collision attacks almost +trivial. =head2 MINIMIZE CPU TIME REQUIRED @@ -132,12 +132,11 @@ =head2 MAXIMIZE SECURITY - ./configure --enable-hmac-length=16 --enable-rand-length=8 --enable-digest=sha1 + ./configure --enable-hmac-length=16 --enable-rand-length=12 --enable-digest=ripemd610 This uses a 16 byte HMAC checksum to authenticate packets (I guess 8-12 would also be pretty secure ;) and will additionally prefix each packet -with 8 bytes of random data. In the long run, people should move to -SHA-256 and beyond). +with 12 bytes of random data. In general, remember that AES-128 seems to be as secure but faster than AES-192 or AES-256, more randomness helps against sniffing and a longer