--- gvpe/doc/gvpe.5.pod 2004/06/11 15:56:12 1.1 +++ gvpe/doc/gvpe.5.pod 2005/03/17 22:24:31 1.6 @@ -5,24 +5,52 @@ =head1 DESCRIPTION GVPE is a suite designed to provide a virtual private network for multiple -nodes over an untrusted network. +nodes over an untrusted network. This document first gives an introduction +to VPNs in general and then describes the specific implementation of GVPE. -"Virtual"X means that no physical network is created (of course), but an -ethernet is emulated by creating multiple tunnels between the member -nodes. +=head2 WHAT IS A VPN? + +VPN is an acronym, it stands for: -"Private"X means that non-participating nodes cannot decode ("sniff)" nor -inject ("spoof") packets. +=over 4 -In the case of gvpe, even participating nodes cannot sniff packets send to -other nodes or spoof packets as if sent from other nodes. +=item X -"Network"X means that more than two parties can participate in the -network, so for instance it's possible to connect multiple branches of a -company into a single network. Many so-called "vpn" solutions only create -point-to-point tunnels. +Virtual means that no physical network is created (of course), but a +network is I by creating multiple tunnels between the member +nodes by encapsulating and sending data over another transport network. + +Usually the emulated network is a normal IP or Ethernet, and the transport +network is the Internet. However, using a VPN system like GVPE to connect +nodes over other untrusted networks such as Wireless LAN is not uncommon. + +=item X + +Private means that non-participating nodes cannot decode ("sniff)" nor +inject ("spoof") packets. This means that nodes can be connected over +untrusted networks such as the public Internet without fear of being +eavesdropped while at the same time being able to trust data sent by other +nodes. + +In the case of GVPE, even participating nodes cannot sniff packets +send to other nodes or spoof packets as if sent from other nodes, so +communications between any two nodes is private to those two nodes. + +=item X + +Network means that more than two parties can participate in the network, +so for instance it's possible to connect multiple branches of a company +into a single network. Many so-called "vpn" solutions only create +point-to-point tunnels, which in turn can be used to build larger +networks. + +GVPE provides a true multi-point network in wich any number of nodes (at +least a few dozen in practise, the theoretical limit is 4095 nodes) can +participate. + +=back -=head2 DESIGN GOALS +=head2 GVPE DESIGN GOALS =over 4 @@ -31,7 +59,11 @@ Cipher, HMAC algorithms and other key parameters must be selected at compile time - this makes it possible to only link in algorithms you actually need. It also makes the crypto part of the source very -transparent and easy to inspect. +transparent and easy to inspect, and last not least this makes it possible +to hardcode the layout of all packets into the binary. GVPE goes a step +further and internally reserves blocks of the same length for all packets, +which virtually removes all possibilities of buffer overflows, as there is +only a single type of buffer and it's always of fixed length. =item EASY TO SETUP @@ -73,20 +105,25 @@ Please have a look at the C manpage for platform-specific information. -Here are a few recipes for compiling your gvpe: +Here are a few recipes for compiling your gvpe, showing the extremes +(fast, small, insecure OR slow, large, more secure), between you should +choose: =head2 AS LOW PACKET OVERHEAD AS POSSIBLE ./configure --enable-hmac-length=4 --enable-rand-length=0 -Minimize the header overhead of VPN packets (the above will result in only -4 bytes of overhead over the raw ethernet frame). +Minimize the header overhead of VPN packets (the above will result in +only 4 bytes of overhead over the raw ethernet frame). This is a insecure +configuration because a HMAC length of 4 makes collision attacks based on +the birthday paradox easy, though. =head2 MINIMIZE CPU TIME REQUIRED ./configure --enable-cipher=bf --enable-digest=md4 -Use the fastest cipher and digest algorithms currently available in gvpe. +Use the fastest cipher and digest algorithms currently available in +gvpe. MD4 has been broken and is quite insecure, though. =head2 MAXIMIZE SECURITY @@ -94,7 +131,9 @@ This uses a 16 byte HMAC checksum to authenticate packets (I guess 8-12 would also be pretty secure ;) and will additionally prefix each packet -with 8 bytes of random data. +with 8 bytes of random data. In the long run, people should move to +SHA-224 and beyond, but support in openssl is missing as of writing this +document. In general, remember that AES-128 seems to be more secure and faster than AES-192 or AES-256, more randomness helps against sniffing and a longer @@ -208,8 +247,9 @@ =head1 SEE ALSO -gvpe.osdep(5) for OS-depedendent information, gvpe.conf(5), gvpectrl(8), and -for a description of the protocol and routing algorithms, gvpe.protocol(7). +gvpe.osdep(5) for OS-depedendent information, gvpe.conf(5), gvpectrl(8), +and for a description of the transports, protocol, and routing algorithm, +gvpe.protocol(7). =head1 AUTHOR