Updated Notes on encryption (markdown)

wangyu- 2020-08-17 18:50:00 -04:00
parent 2b83d6065f
commit 53c29ec40e

@ -18,7 +18,7 @@ In udp2raw, not only the data but also udp2raw protocol itself will be obsecured
When `md5` and `aes` are used, udp2raw use the hash-then-encrpy scheme, encrpyted hash is served as mac. The security is less than using hmac, but the md5 option is kept for compatiblity. When `md5` and `aes` are used, udp2raw use the hash-then-encrpy scheme, encrpyted hash is served as mac. The security is less than using hmac, but the md5 option is kept for compatiblity.
When `hmac-sha1` and `aes` are used, first udp2raw will use PKCS5_PBKDF2 for key strenghing and HKDF for key deriving, then use a encrypt-then-mac scheme. When `hmac-sha1` and `aes` are used, first udp2raw will use PKCS5_PBKDF2 for key strenghing and HKDF for key deriving, then use the encrypt-then-mac scheme.
To prevent replay a whole connection, udp2raw client and server will challenge each other with random numbers. To prevent replay a whole connection, udp2raw client and server will challenge each other with random numbers.
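Review bot: The changed `hmac-sha1` line still reads "key strenghing" and "key deriving" after the article fix; since this line is being touched anyway, correct it to "key strengthening" and "key derivation". The same pass could fix the unchanged context lines around it: "hash-then-encrpy", "encrpyted", "compatiblity", "obsecured" in the hunk header text, and "To prevent replay a whole connection" (should be "replay of a whole connection"). As a documentation point, the `hmac-sha1` line names PKCS5_PBKDF2 and HKDF but gives no parameters and does not say which keys HKDF derives; one sentence stating that separate encryption and MAC keys are derived (if that is the case) would make the encrypt-then-mac claim easier to verify. The `md5` line says the security "is less than using hmac" without saying why; a short clause naming the weakness of hash-then-encrypt with an encrypted hash as the MAC would help readers decide whether the compatibility option is acceptable for them.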