Closed patrickkh7788 closed 5 years ago
jedisct1
commented
5 years ago Since uc_kx_st is the secret key, yes. The secret key has to remain secret.
This uses session-based encryption; an attacker would really need to capture everything. If even a single packet is missed, anything from now on cannot be decrypted any more.
patrickkh7788
commented
5 years ago Thanks for explain. please correct me if I am wrong.
The xoodoo is authenticated encryption without associated data, and the key exchange is without forward security.
Maybe this should be add into README.md
jedisct1
commented
5 years ago While nice to have, this is not terribly useful in the context of a VPN.
PFS would prevent the following scenario: you’re suspected to be an axe murderer, the police asks the cloud provider to tap your VPS traffic, and, later, asks for a dump of that VPS to get the key. Haha, the key is still valid, so the previously recorded traffic can be decrypted!
PFS however would not prevent the following more likely scenario: the police asks for the key, and effortlessly decrypts everything from now on. PFS doesn’t provide post-compromise security, which is far more important.
But since a VPN server is essentially a proxy that decrypts traffic between itself and a client to forward decrypted packets to remote servers, here’s an even more likely scenario: the VPS is tapped, and packets exchanged with the VPN client is not something to waste any time on since for each of them, the server also sent or received a decrypted copy.
That being said, a simple way to get PFS and post-compromise security is to change the key regularly. If you’re just someone who needs a personal VPN to work in a coffee shop whose public WiFi has overzealous firewall rules, this is not something you have to worry too much about.
If you’re an axe murderer, just add key rotation to your post-crime routine.
If a hacker know
uc_kx_st, and captured all traffic. is he able to decrypted the data ?