What conceivable trade-offs could you have to make to get acceptable performance out of a symmetric crypto encrypted+authenticated tunnel? All ciphers you should be using are like 50MB/sec on a 1GHz machine!!
If you look at e.g. cebolla (more anonymity than VPN, but it's a nested forward-secret VPN related thing) it's even possible to do pretty immediate forward secrecy every second or something at minimal CPU cost.

(I'll read the writeup but that trade-off argument sounds very wrong.)

Adam

On Fri, Sep 26, 2003 at 12:12:03PM +0200, Guus Sliepen wrote:
> Hello Peter Gutmann and others,
>
> Because of its appearance on this mailing list and the Slashdot posting
> about "Linux's answer to MS-PPTP", and in the tinc users' interest, we
> have created a section about the current security issues in tinc, which
> currently contains a response to Peter Gutmann's writeup:
>
> http://tinc.nl.linux.org/security
>
> I want to emphasize for the cryptography community here that certain
> tradeoffs have been made between security and efficiency in tinc. So
> please read the response as "why we think we need to do/used to do it
> this way" instead of "why we think tinc is still as secure as anything
> else". Comments are welcome.
>
> --
> Met vriendelijke groet / with kind regards,
> Guus Sliepen <[EMAIL PROTECTED]>

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
