Changes between Initial Version and Version 1 of Ticket #1371, comment 4


Ignore:
Timestamp:
01/02/21 00:32:51 (3 years ago)
Author:
David Sommerseth
Comment:

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #1371, comment 4

    initial v1  
    88
    99
    10 Also worth noting, the 2.4.0 security audit did not mention anything related to the security of the --tls-crypt key itself.  There were concerns about some IV collision possibilities, where the risks was considered acceptable (key rotation should happen at least every 8th year if you have 1000 connecting users doing negotiating over the control channel every minute - or tls-crypt key rotation every year if you have 8000 connecting clients).  This issue is resolved by --tls-crypt-v2, where this IV collision possibility is reduced to a bare minimum (2^48 control channel packets per key, iiuc).  But password encrypting the tls-crypt keys was not somthing I recall being mentioned in both performed security audits.
     10Also worth noting, the 2.4.0 security audit did not mention anything related to the security of the --tls-crypt key itself.  There were concerns about some IV collision possibilities, where the risks was considered acceptable (key rotation should happen at least every 8th year if you have 1000 connecting users doing negotiating over the control channel every minute - or tls-crypt key rotation every year if you have 8000 connecting clients).  This issue is resolved by --tls-crypt-v2, where this IV collision possibility is reduced to a bare minimum (2^48^ control channel packets per key, iiuc).  But password encrypting the tls-crypt keys was not somthing I recall being mentioned in both performed security audits.