dtls – WindowsTechs.com

Are there any true TLS-based VPNs? [closed]

Posted on December 21, 2024 by DerekKnowles

I’m aware that OpenVPN uses TLS but in OpenVPN’s case, it uses only the TLS handshake for authenticated key exchange, for the actual transport encryption it uses its own protocol and packet format. So I’m wondering if there are any VPN’s t… Continue reading Are there any true TLS-based VPNs? [closed]→

Security considerations in choosing DTLS connection IDs

Posted on July 5, 2024 by Perseids

Are there any security concerns with choosing highly structured or short connection IDs for use in DTLS? For example:

32bit connection IDs handed out sequentially: There is obviously statistical data being revealed and wrapping around the… Continue reading Security considerations in choosing DTLS connection IDs→

Define DH parametes in python-mbedtls

Posted on June 23, 2024 by some random dude

I’m using python-mbedtls library – https://github.com/Synss/python-mbedtls/tree/master
my goal is to create handshake with different cipher suites,
I’ve managed to do so with the given server and client files in the library – https://githu… Continue reading Define DH parametes in python-mbedtls→

Penetration testing a VPN client DTLS traffic?

Posted on December 25, 2022 by uvzz

I’m trying to perform a pentest on a VPN server.
I’m trying to find a way to intercept, decrypt and manipulate the DTLS traffic between the VPN client and server – Burp suite style.
In the VPN client, I can enter a server IP address to con… Continue reading Penetration testing a VPN client DTLS traffic?→

Penetration testing a VPN client DTLS traffic? [closed]

Posted on December 25, 2022 by uvzz

With SCTP and SHA-1 the random parameters are exchanged in init and init ack. What is used as HMAC key?

Posted on April 14, 2021 by Jay Johnson

SCTP INIT has client random parameter.
SCTP INIT ACK has server random parameter.

There are no shared keys.
Using SHA-1, what key does the client or server use when performing the HMAC calculation?
Does the sender use their own random pa… Continue reading With SCTP and SHA-1 the random parameters are exchanged in init and init ack. What is used as HMAC key?→

How does one programmatically enable Keep Alive in DTLS? [migrated]

Posted on November 19, 2020 by Shiva

How does one programmatically (by calling an API) enable Keep-Alive in DTLS?
I am using BIO_new_dgram() to connect in OpenSSL 1.1.1 series.

Continue reading How does one programmatically enable Keep Alive in DTLS? [migrated]→

DTLS vs direct use of AES. What are the threats unique for direct use of AES instead of DTLS?

Posted on June 10, 2020 by Vlad Novakovsky

For regular traffic in mesh network (between Internet of Thing devices) customer decided to use one of two options:

DTLS PSK ciphersuite – DTLS based on pre-shared symmetric key
or direct use of AES – customer wants to minimize traffic be… Continue reading DTLS vs direct use of AES. What are the threats unique for direct use of AES instead of DTLS?→

Using Noise Framework KK as alternative to DTLS?

Posted on May 24, 2020 by Pepperized

I am trying to create a secure UDP connection in NET Core. Due to DTLS not being supported and it being quite the headache and existing libraries (DTLS.Net) are limited and inactive. Noise Framework seems good as I can customise it to our … Continue reading Using Noise Framework KK as alternative to DTLS?→

Setting Min TLS version for OpenConnect client

Posted on May 17, 2020 by Kayvan Tehrani

I’m using ‘OpenConnect version v8.05’ on Red Hat Enterprise Linux 8.1 (Ootpa) in order to connect to a server.
The server only accepts SSLv3, TLSv1.0 ciphers and I don’t have access to the server for security update/upgrade.
When I try to … Continue reading Setting Min TLS version for OpenConnect client→