What conceivable trade-offs could you have to make to get acceptable
performance out of symmetric crypto encrypted+authenticated tunnel?
All ciphers you should be using are like 50MB/sec on a 1Ghz machine!!
If you look at eg cebolla (more anonymity than VPN, but it's a nested
forward-secret VPN related thing) it's even possible to do pretty
immediate forward secrecy every second or something at minimal CPU
cost. (I'll read the writeup but that trade-off argument sounds very
On Fri, Sep 26, 2003 at 12:12:03PM +0200, Guus Sliepen wrote:
Hello Peter Gutmann and others,
Because of its appearance on this mailing list and the Slashdot posting
about Linux's answer to MS-PPTP, and in the tinc users' interest, we
have created a section about the current security issues in tinc, which
currently contains a response to Peter Gutmann's writeup:
I want to emphasize for the cryptography community here that certain
tradeoffs have been made between security and efficiency in tinc. So
please read the response as why we think we need to do/used to do it
this way instead of why we think tinc is still as secure as anything
else. Comments are welcome.
Met vriendelijke groet / with kind regards,
Guus Sliepen [EMAIL PROTECTED]
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]