Hi Pieter,
On 15/03/19 17:01, Pieter Hulshoff wrote:
> Hi,
> On Fri, 15 Mar 2019 at 16:11, <pippin...@protonmail.com> wrote:
>> "TLS authentication (HMAC firewall)
>> To explain the concept of TLS authentication in simpler terms, the
>> idea here is to have a unique TLS key, a certificate, that is
>> known and used by the server and its clients. A shared secret if
>> you will, that will be used to digitally sign and verify packets
>> in both directions. What this does is make it possible for the
>> OpenVPN protocol to easily recognize if packets are truly VPN
>> packets from a known VPN client, or if they are garbage packets
>> from unknown sources. Every OpenVPN packet by itself contains
>> encrypted information inside of it, but on top of that, the packet
>> itself is signed digitally..."
> My apologies, I meant with regards to the data packets rather than the
> control packets.
> In general though: I understand why packets are signed (with a
> TLS/HMAC/GCM tag). What I don't understand is why that tag is
> transmitted before the encrypted data rather than after the encrypted
> data. This choice has some impact with regards to streaming data
> transmission (e.g. in a hardware-based crypto machine). Especially in
> telecom, latency and packet delay variation are extremely important
> parameters, which is why MACsec transmits the GCM tag at the end of
> the packet (right before the FCS (CRC)).
Who says it is transmitted before the encrypted data? Where in the
source is that specified? If you look at the crypto.c routines
openvpn_encrypt_aead vs openvpn_encrypt_v1 you will find that the HMAC
part seems to be added at the end (e.g. look for
"hmac_start = BEND(&work);").
regards,
JJK
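Why the tag's position matters for a streaming encryptor, as an added example that is not code from this thread or from OpenVPN's crypto.c: a toy encrypt-then-MAC framer that emits the tag after the ciphertext beside one that emits it first, with a constructed XOR keystream standing in for the cipher and HMAC-SHA256 as the tag. The function and key names are mine; the ciphertext is identical in both layouts, only the number of chunks that must arrive before the first byte can leave differs.

```python
import hashlib
import hmac

TAG_LEN = 32  # HMAC-SHA256 tag size in bytes

def xor_keystream(key, offset, data):
    """Constructed stand-in for a stream cipher (NOT a real cipher): XOR with an
    HMAC-derived keystream so that encryption can proceed chunk by chunk."""
    ks = b"".join(hmac.new(key, (offset + i).to_bytes(8, "big"), hashlib.sha256).digest()
                  for i in range(0, len(data), 32))
    return bytes(a ^ b for a, b in zip(data, ks))

def frame_tag_last(ek, mk, chunks):
    """Tag after the ciphertext: every chunk leaves as soon as it is encrypted
    and the tag closes the packet (the MACsec-style layout the thread mentions)."""
    mac, off = hmac.new(mk, digestmod=hashlib.sha256), 0
    for pt in chunks:
        ct = xor_keystream(ek, off, pt)
        off += len(ct)
        mac.update(ct)
        yield ct            # on the wire immediately
    yield mac.digest()

def frame_tag_first(ek, mk, chunks):
    """Tag before the ciphertext: the sender must hold the whole packet until
    the tag over all of it is known, so nothing leaves before the last chunk."""
    mac, off, held = hmac.new(mk, digestmod=hashlib.sha256), 0, []
    for pt in chunks:
        ct = xor_keystream(ek, off, pt)
        off += len(ct)
        mac.update(ct)
        held.append(ct)     # buffered, not yet on the wire
    yield mac.digest()
    yield from held

def chunks_needed_before_first_output(framer, ek, mk, chunks):
    """How many input chunks the framer consumed before emitting anything, a
    proxy for the added per-packet latency a streaming encryptor would see."""
    it = iter(chunks)
    next(framer(ek, mk, it))            # advance until the first output exists
    return len(chunks) - len(list(it))

def verify(mk, packet, tag_first):
    """Receiver-side check for either layout, with a constant-time compare."""
    if tag_first:
        tag, ct = packet[:TAG_LEN], packet[TAG_LEN:]
    else:
        tag, ct = packet[-TAG_LEN:], packet[:-TAG_LEN]
    return hmac.compare_digest(tag, hmac.new(mk, ct, hashlib.sha256).digest())
```

With three constructed chunks, the tag-last framer emits after the first chunk while the tag-first framer emits only after all three; the receiver verifies both layouts and rejects a flipped byte in either.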
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users