Jump to content


Photo

Is there a wishlist for ciphers and hashes to add?

Cipher Hash

Best Answer Staff, 20 May 2016 - 11:46 PM

Well, thanks anyway. I posted here because I figured there is no reason the Eddie Client cannot use different options than vanilla OpenVPN.

But I can certainly understand the reason that is not a goal.

 

Have a nice day everyone.

 

 

Unfortunately there are two good reasons... Eddie is an OpenVPN frontend. It has tons of additional commodities but the core security of the tunneling, connection and packets handling (and more) remains to OpenVPN/OpenSSL/PolarSSL. Forking OpenVPN to support something different would be a paramount task, not to mention the huge security risks related to the operation...

 

Kind regards

Go to the full post


  • Please log in to reply
3 replies to this topic

#1 OmniNegro

OmniNegro

    Advanced Member

  • Members
  • PipPipPip
  • 248 posts
  • LocationThe Fiery Pits of Texas, USA.

Posted 20 May 2016 - 11:22 PM

I would love to one day see Threefish-256 as an option. I think 512 and 1024 bits would only congest the servers too much, but 256 bits should be easy enough. In addition, I think Serpent is a very good option at 256 bits.

 

Tiger is a great hash, but is currently only 160 bits plus the HMAC. So it is less desirable compared to SHA2-256

 

If there is a wishlist, I was unable to find it. I would appreciate a link to the thread if one exists.

 

And I most certainly welcome discussion. Thanks in advance.


Debugging is at least twice as hard as writing the program in the first place.

So if you write your code as clever as you can possibly make it, then by definition you are not smart enough to debug it.


#2 Staff

Staff

    Advanced Member

  • Staff
  • PipPipPip
  • 6982 posts

Posted 20 May 2016 - 11:35 PM

Hello,

 

to make it realistic, you should keep the wish list limited to OpenVPN supported digests and ciphers only...

 

Kind regards



#3 OmniNegro

OmniNegro

    Advanced Member

  • Members
  • PipPipPip
  • 248 posts
  • LocationThe Fiery Pits of Texas, USA.

Posted 20 May 2016 - 11:38 PM

Well, thanks anyway. I posted here because I figured there is no reason the Eddie Client cannot use different options than vanilla OpenVPN.

But I can certainly understand the reason that is not a goal.

 

Have a nice day everyone.


Debugging is at least twice as hard as writing the program in the first place.

So if you write your code as clever as you can possibly make it, then by definition you are not smart enough to debug it.


#4 Staff

Staff

    Advanced Member

  • Staff
  • PipPipPip
  • 6982 posts

Posted 20 May 2016 - 11:46 PM   Best Answer

Well, thanks anyway. I posted here because I figured there is no reason the Eddie Client cannot use different options than vanilla OpenVPN.

But I can certainly understand the reason that is not a goal.

 

Have a nice day everyone.

 

 

Unfortunately there are two good reasons... Eddie is an OpenVPN frontend. It has tons of additional commodities but the core security of the tunneling, connection and packets handling (and more) remains to OpenVPN/OpenSSL/PolarSSL. Forking OpenVPN to support something different would be a paramount task, not to mention the huge security risks related to the operation...

 

Kind regards







Similar Topics Collapse


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Servers online. Online Sessions: 13062 - BW: 35629 Mbit/sYour IP: 54.162.139.105Guest Access.