[iodine-users] Iodine security
Matej Kovacic
matej.kovacic at owca.info
Tue Mar 1 20:04:04 CET 2011
Hi,
I have two suggestions regarding Iodine security.
1.) For a login, Iodine uses challenge-response login secured by MD5 hash.
Since MD5 is considered not safe anymore [1], my suggestion would be to
use some other hashing mechanism, for instance SHA-2 (however, even
using SHA over short strings could be problematic [2]).
2.) Iodine traffice betwen host and client is unencrypted. A solution is
using VPN over Iodine tunnel, however, one simple solution would be to
implement simple password encryption, something like cryptcat [3] can
do. User would then need to enter (the same) password in client and
server. This is not an optimal solution, but that way would be security
ofIodine much better by default than it is now.
[1] For problems with MD5 please see:
- Magnus Daum in Stefan Lucks: The Story of Alice and her Boss: Hash
Functions and the Blind Passenger Attack (Eurocrypt 2005,
http://th.informatik.uni-mannheim.de/People/lucks/HashCollisions/rump_ec05.pdf).
- Peter Selinger, 2006, http://www.mscs.dal.ca/~selinger/md5collision/,
Didier Stevens, 2009,
http://blog.didierstevens.com/2009/01/17/playing-with-authenticode-and-md5-collisions/
- Alexander Sotirov, Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David
Molnar, Dag Arne Osvik, Benne de Weger, 2008,
http://www.win.tue.nl/hashclash/rogue-ca/.
- Marc Stevens, Arjen Lenstra in Benne de Weger, 2007, Chosen-prefix
Collisions for MD5 and Colliding X.509 Certificates for Different
Identities, <http://www.win.tue.nl/hashclash/EC07v2.0.pdf>.
[2] For problems with SHA (and short strings in general) please see:
- Thomas Roth, 2010, Cracking Passwords In The Cloud: Amazon’s New EC2
GPU Instances,
<http://stacksmashing.net/2010/11/15/cracking-in-the-cloud-amazons-new-ec2-gpu-instances/>.
[3] For cryptcat, please see:
- http://cryptcat.sourceforge.net/
Regards,
Matej
More information about the iodine-users
mailing list