tinc is a Virtual Private Network (VPN) daemon designed for Linux and Unix-based systems. It acts as a tunnel for a network interface and embeds all communication into a sequence of encrypted UDP packets. This allows private network communication to occur through a larger network. tinc uses Blowfish in cipher block chaining (CBC) mode to encrypt packets. The secret key is shared via a PKI-style handshake during the authentication process between two tinc daemons. To avoid the detection of regular traffic patterns (specifically, the ability to recognize repeated, identical packets), tinc prepends a two-byte random salt to each packet before it is encrypted. As a result of the birthday paradox, a collision in salt values is likely when approximately 2-300 identical packets are transmitted. In some applications, this may result in traffic patterns being leaked to an outside observer of the communication.
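The birthday bound for a two-byte salt can be worked through numerically. The following is an added example, not tinc code: it computes the collision probability for a 16-bit salt and models an observer noticing a repeated ciphertext. It assumes the salt is the only per-packet randomness, and `model_encrypt` is a hypothetical HMAC-based stand-in for the tunnel cipher, not Blowfish-CBC.

```python
import hashlib
import hmac
import random

SALT_BITS = 16                 # two-byte salt, per the advisory
SALT_SPACE = 1 << SALT_BITS    # 65536 possible salt values


def collision_probability(n, space=SALT_SPACE):
    """Probability that at least two of n uniformly random salts coincide."""
    distinct = 1.0
    for i in range(min(n, space + 1)):
        distinct *= 1.0 - i / space
    return 1.0 - distinct


def packets_for_probability(target, space=SALT_SPACE):
    """Smallest number of packets whose collision probability reaches target."""
    n = 1
    while collision_probability(n, space) < target:
        n += 1
    return n


def model_encrypt(key, salt, payload):
    # Stand-in for the tunnel cipher (assumption, not Blowfish-CBC): any
    # deterministic keyed function of salt || payload shows the same effect.
    return hmac.new(key, salt + payload, hashlib.sha256).digest()


def first_repeated_ciphertext(payload, count, rng, key=b"constructed-demo-key"):
    """Index of the first packet whose ciphertext was already seen, else None."""
    seen = set()
    for index in range(count):
        salt = rng.randrange(SALT_SPACE).to_bytes(2, "big")
        ciphertext = model_encrypt(key, salt, payload)
        if ciphertext in seen:
            return index
        seen.add(ciphertext)
    return None


if __name__ == "__main__":
    print("P(collision) after 300 packets:", round(collision_probability(300), 3))
    print("packets for 50% collision chance:", packets_for_probability(0.5))
    rng = random.Random(1)  # constructed, seeded run of identical payloads
    print("first repeat at packet:", first_repeated_ciphertext(b"keepalive", 2000, rng))
```

Each additional salt bit doubles the salt space, so the number of identical packets needed before a likely collision grows only by a factor of about the square root of two per bit.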