[winswitch] Reworking Encryption in Xpra

Michael Vrable mvrable at google.com
Wed Oct 31 17:10:17 GMT 2012


On Wed, Oct 31, 2012 at 01:48:32PM +0700, Antoine Martin wrote:
> On 10/31/2012 12:50 PM, Michael Vrable wrote:
>> Does the mailing list strip attachments?  I'm not sure it went 
>> through, so here it is again inline.
> It looks like it does, even though mailman's "Scrub attachments of 
> regular delivery message?" is turned off..

I noticed later that my original message was flagged as spam by 
mail.nagafix.co.uk for some reason, so perhaps that was related to the 
attachment scrubbing?  The second message was not marked as spam.

>> This assumes that both sides have run some type of key-agreement 
>> protocol to establish a shared session secret.  I'm working on the 
>> key exchange part in a separate patch which will follow.
> Out of curiosity, what sort of key exchange are you interested in?

The code I'm working on currently simply does a basic Diffie-Hellman key 
exchange with an HMAC to prevent a man-in-the-middle attack, but this 
does leak information about the password to an active attacker.

After I get the basics working, I was considering implementing something 
based on EAP-EKE since that is standardized.  SPEKE is nice and simple, 
but there might be patent issues (I haven't fully investigated) so that 
might be worth avoiding.  In any case, it should be fairly easy to plug 
in different mechanisms once I get the framework for it.

> (I may move the crypto import stuff to where it is used to allow one 
> to build xpra without the crypto options - no biggie)

Good point, I'll do that to my patches here.

--Michael Vrable
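
An added illustration, not code from the patch discussed above or from Xpra: one assumed way a password-keyed HMAC can authenticate a Diffie-Hellman exchange. It shows why a peer that takes part in the exchange without knowing the password still obtains an offline check on password guesses, which is the property password-authenticated schemes such as EAP-EKE are designed to remove. The group parameters, key derivation, role labels and message order are all assumptions made for the demonstration.

```python
import hashlib
import hmac
import secrets

# Demonstration parameters (assumption): 2**255 - 19 is prime, but a real
# deployment would use a vetted Diffie-Hellman group, e.g. from RFC 3526.
P = 2**255 - 19
G = 2

def dh_keypair():
    priv = secrets.randbelow(P - 3) + 2          # 2 <= priv <= P - 2
    return priv, pow(G, priv, P)

def dh_shared(priv, peer_pub):
    if not 1 < peer_pub < P - 1:                 # reject 0, 1 and P - 1
        raise ValueError("degenerate public value")
    return pow(peer_pub, priv, P).to_bytes(32, "big")

def confirm_tag(password, role, shared):
    """HMAC keyed from the password over the DH result, bound to the sender's role."""
    key = hashlib.sha256(b"demo-kdf|" + password).digest()
    return hmac.new(key, role + b"|" + shared, hashlib.sha256).digest()

def run_exchange(client_pw, server_pw):
    """Honest run. Returns the session key, or None if either tag is rejected."""
    a, A = dh_keypair()                          # client -> server: A
    b, B = dh_keypair()                          # server -> client: B, tag_s
    k_server = dh_shared(b, A)
    tag_s = confirm_tag(server_pw, b"server", k_server)
    k_client = dh_shared(a, B)
    if not hmac.compare_digest(tag_s, confirm_tag(client_pw, b"server", k_client)):
        return None                              # client aborts: peer lacks the password
    tag_c = confirm_tag(client_pw, b"client", k_client)   # client -> server: tag_c
    if not hmac.compare_digest(tag_c, confirm_tag(server_pw, b"client", k_server)):
        return None                              # server aborts
    return hashlib.sha256(b"session|" + k_client).digest()

def guess_verifies(guess, role, shared, tag):
    """True if `guess` reproduces a tag received from the peer.

    Any party that completed the DH step itself knows `shared`, so each tag
    it receives can be checked against password guesses offline. A passive
    eavesdropper sees A, B and the tags but not `shared`, so it cannot.
    """
    return hmac.compare_digest(confirm_tag(guess, role, shared), tag)
```
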


