Tero Kivinen wrote:
> Alex Pankratov writes:
>
There might be (I am not sure whether AUTH
packet is encrypted and MACed) a MAC over it, but the MAC key is not
yet authenticated as it is generated from the anonymous
Diffie-Hellman. That might give it some protection, but I am not
"Travis H." <[EMAIL PROTECTED]> writes:
> On 2/24/06, Alex Pankratov <[EMAIL PROTECTED]> wrote:
>> Tero Kivinen wrote:
>> >> Secondly I cannot find where it
>> >> authenticates the crypto suite used at all (it is not included in the
>> >> signature of the AUTH message).
>>
>> Crypto suite is essen
Travis H. wrote:
> On 2/24/06, Alex Pankratov <[EMAIL PROTECTED]> wrote:
>
>>Tero Kivinen wrote:
[snip]
The protocol description is missing some details, so cannot say
anything about them (things like what is the format of Ni, Nr, Gi, Gr
when sent over wire and when put to the sign
On 2/24/06, Alex Pankratov <[EMAIL PROTECTED]> wrote:
> Tero Kivinen wrote:
> >> Secondly I cannot find where it
> >> authenticates the crypto suite used at all (it is not included in the
> >> signature of the AUTH message).
>
> Crypto suite is essentially just a protocol number. It requires
> no a
I replied to Tero privately, then realized that I was
not the only recipient of his email. So here's a copy
for everyone's reference.
Alex
Tero Kivinen wrote:
>> Travis H. writes:
>>
>
http://www.hamachi.cc/security
Based on a cursory look over this, I'm impressed by both the level
http://www.hamachi.cc/security
Based on a cursory look over this, I'm impressed by both the level of
detail and the level of security apparently afforded. Too bad I can't
see the source code.
--
Security Guru for Hire http://www.lightconsulting.com/~travis/ -><-
GPG fingerprint: 9D3F 395A DAC5 5C