ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/doc/gvpe.5.pod
(Generate patch)

Comparing gvpe/doc/gvpe.5.pod (file contents):
Revision 1.1 by pcg, Fri Jun 11 15:56:12 2004 UTC vs.
Revision 1.2 by pcg, Tue Oct 12 11:54:33 2004 UTC

92 92
93 ./configure --enable-hmac-length=16 --enable-rand-length=8 --enable-digest=sha1 93 ./configure --enable-hmac-length=16 --enable-rand-length=8 --enable-digest=sha1
94 94
95This uses a 16 byte HMAC checksum to authenticate packets (I guess 8-12 95This uses a 16 byte HMAC checksum to authenticate packets (I guess 8-12
96would also be pretty secure ;) and will additionally prefix each packet 96would also be pretty secure ;) and will additionally prefix each packet
97with 8 bytes of random data. 97with 8 bytes of random data. In the long run, people should move to
98SHA-224 and beyond, but support in openssl is missing as of writing this
99document.
98 100
99In general, remember that AES-128 seems to be more secure and faster than 101In general, remember that AES-128 seems to be more secure and faster than
100AES-192 or AES-256, more randomness helps against sniffing and a longer 102AES-192 or AES-256, more randomness helps against sniffing and a longer
101HMAC helps against spoofing. MD4 is a fast digest, SHA1 or RIPEMD160 are 103HMAC helps against spoofing. MD4 is a fast digest, SHA1 or RIPEMD160 are
102better, and Blowfish is a fast cipher (and also quite secure). 104better, and Blowfish is a fast cipher (and also quite secure).

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines