This incudes libgcrypt in the remark on crypto security and
adds an external link to the libgcrypt web page.
scripts which run during compilation require the EMPH(Bourne
again shell). It is most likely already installed.
scripts which run during compilation require the EMPH(Bourne
again shell). It is most likely already installed.
- - XREFERENCE(http://www.openssl.org/, openssl). The EMPH(Secure
- Sockets Layer) library is needed for cryptographic routines
- on both the server and the client side. It is usually shipped
- with the distro, but you might have to install the "development
- package" (called libssl-dev on debian systems) as well.
+ - XREFERENCE(http://www.openssl.org/, openssl) or
+ XREFERENCE(ftp://ftp.gnupg.org/gcrypt/libgcrypt/, libgcrypt).
+ At least one of these two libraries is needed as the backend
+ for cryptographic routines on both the server and the client
+ side. Both openssl and libgcrypt are usually shipped with the
+ distro, but you might have to install the development package
+ (libssl-dev or libgcrypt-dev on debian systems) as well.
- XREFERENCE(ftp://ftp.gnu.org/pub/gnu/help2man, help2man)
is used to create the man pages.
- XREFERENCE(ftp://ftp.gnu.org/pub/gnu/help2man, help2man)
is used to create the man pages.
this point on the communication is encrypted using the RC4
stream cipher with the session key known to both peers.
this point on the communication is encrypted using the RC4
stream cipher with the session key known to both peers.
-paraslash relies on the quality of openssl's cryptographically strong
-pseudo-random bytes, on the security of the implementation of the
-openssl RSA and RC4 crypto routines and on the infeasibility to invert
-the SHA1 function.
+paraslash relies on the quality of the pseudo-random bytes provided
+by the crypto library (openssl or libgcrypt), on the security of
+the implementation of the RSA and RC4 crypto routines and on the
+infeasibility to invert the SHA1 function.
Neither para_server or para_client create RSA keys on their own. This
has to be done once for each user as sketched in REFERENCE(Quick start,
Neither para_server or para_client create RSA keys on their own. This
has to be done once for each user as sketched in REFERENCE(Quick start,