xpra icon
Bug tracker and wiki

This bug tracker and wiki are being discontinued
please use https://github.com/Xpra-org/xpra instead.

Opened 9 years ago

Last modified 4 months ago

#197 closed task

packet encryption for tcp sockets — at Version 2

Reported by: Antoine Martin Owned by: Antoine Martin
Priority: major Milestone: 0.8
Component: core Version: trunk
Keywords: Cc:

Description (last modified by Antoine Martin)

If someone wants to use a password to protect a session exposed with "--bind-tcp=", chances are do not want to be snooped upon either.

We should use a block cipher with the same password and encrypt all traffic (quite cheap).

Here is a good tutorial: Symmetric Encryption with PyCrypto

The cost will be:

  • padding on each packet (padded to 32 bytes for AES): so on average 16 bytes per packet
  • CPU time spent encrypting/decrypting stuff: low I think, can easily run automated tests to verify

The main difficulty is that our packet header sends the data size and now we will have a padded size and actual size...

Change History (2)

comment:1 Changed 9 years ago by Antoine Martin

Description: modified (diff)
Status: newaccepted

comment:2 Changed 9 years ago by Antoine Martin

Description: modified (diff)
Note: See TracTickets for help on using tickets.