| … | |
… | |
| 145 | |
145 | |
| 146 | SEQNO is a 32-bit sequence number. It is negotiated at every connection |
146 | SEQNO is a 32-bit sequence number. It is negotiated at every connection |
| 147 | initialization and starts at some random 31 bit value. VPE currently uses |
147 | initialization and starts at some random 31 bit value. VPE currently uses |
| 148 | a sliding window of 512 packets/sequence numbers to detect reordering, |
148 | a sliding window of 512 packets/sequence numbers to detect reordering, |
| 149 | duplication and replay attacks. |
149 | duplication and replay attacks. |
|
|
150 | |
|
|
151 | The encryption is done on RAND+SEQNO+DATA in CBC mode with zero IV (or, |
|
|
152 | equivalently, the IV is RAND+SEQNO, encrypted with the block cipher, |
|
|
153 | unless RAND size is decreased or increased over the default value). |
| 150 | |
154 | |
| 151 | =head2 The authentication protocol |
155 | =head2 The authentication protocol |
| 152 | |
156 | |
| 153 | Before nodes can exchange packets, they need to establish authenticity of |
157 | Before nodes can exchange packets, they need to establish authenticity of |
| 154 | the other side and a key. Every node has a private RSA key and the public |
158 | the other side and a key. Every node has a private RSA key and the public |
