thr3ads.net - tinc devel - Fwd: handshake problem [Mar 2018]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

al so

2018-Mar-14 15:36 UTC

Fwd: handshake problem

This bad use of RSA was reported back in Sept 2003. Is it fixed the
latest version?

tinc's real problem though is the handshake protocol, in which the client
and
server exchange random RSA-encrypted strings.  That's raw bit strings,
there's
no PKCS #1 or OAEP padding, and the server is happy to act as an oracle for
you too.  This is a terrible way to use RSA, and usually compromises the key.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://www.tinc-vpn.org/pipermail/tinc-devel/attachments/20180314/2ab8caeb/attachment.html>

Apparently Analagous Threads

ldapsearch w. SSL refuses to connect to server with openssl 1.0.1 (worked with openssl 1.0.0)
Tinc: performance
[nbdkit PATCH 2/2] server: Add --mask-handshake option for integration testing
"TLS handshake" errors, frozen IMAP
Timeout waiting for handshake from auth server

Search for more seemingly similar threads

tinc devel - Mar 2018 - Fwd: handshake problem

Fwd: handshake problem

Apparently Analagous Threads

Wisdom of the Ancients