641 B
641 B
This is a fork of VTUN, with the following changes:
-
OpenSSL was replaced by Libsodium (this currently requires code from the git repository to be compiled until version 1.0.4 is out).
-
Unauthenticated encryption schemes were replaced with hardware-accelerated AES256-GCM.
-
The static, shared key was replaced by an ephemeral keys exchange with Curve25519. The PSK is now only used to sign ephemeral public keys and parameters.
-
Protection against replay attacks was added.
-
Passwords are not kept in memory, guarded memory allocations are used for secrets.