ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/doc/gvpe.5.pod
(Generate patch)

Comparing gvpe/doc/gvpe.5.pod (file contents):
Revision 1.3 by pcg, Thu Jan 27 06:58:48 2005 UTC vs.
Revision 1.4 by pcg, Thu Jan 27 07:02:18 2005 UTC

81=head1 COMPILETIME CONFIGURATION 81=head1 COMPILETIME CONFIGURATION
82 82
83Please have a look at the C<gvpe.osdep(5)> manpage for platform-specific 83Please have a look at the C<gvpe.osdep(5)> manpage for platform-specific
84information. 84information.
85 85
86Here are a few recipes for compiling your gvpe: 86Here are a few recipes for compiling your gvpe, showing the extremes
87(fast, small, insecure OR slow, large, more secure), between you should
88choose:
87 89
88=head2 AS LOW PACKET OVERHEAD AS POSSIBLE 90=head2 AS LOW PACKET OVERHEAD AS POSSIBLE
89 91
90 ./configure --enable-hmac-length=4 --enable-rand-length=0 92 ./configure --enable-hmac-length=4 --enable-rand-length=0
91 93
92Minimize the header overhead of VPN packets (the above will result in only 94Minimize the header overhead of VPN packets (the above will result in
934 bytes of overhead over the raw ethernet frame). 95only 4 bytes of overhead over the raw ethernet frame). This is a insecure
96configuration because a HMAC length of 4 makes collision attacks based on
97the birthday paradox easy, though.
94 98
95=head2 MINIMIZE CPU TIME REQUIRED 99=head2 MINIMIZE CPU TIME REQUIRED
96 100
97 ./configure --enable-cipher=bf --enable-digest=md4 101 ./configure --enable-cipher=bf --enable-digest=md4
98 102
99Use the fastest cipher and digest algorithms currently available in gvpe. 103Use the fastest cipher and digest algorithms currently available in
104gvpe. MD4 has been broken and is quite insecure, though.
100 105
101=head2 MAXIMIZE SECURITY 106=head2 MAXIMIZE SECURITY
102 107
103 ./configure --enable-hmac-length=16 --enable-rand-length=8 --enable-digest=sha1 108 ./configure --enable-hmac-length=16 --enable-rand-length=8 --enable-digest=sha1
104 109

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines