Yavipind For Linux

Yavipind is a secure tunnel aka 2 peers securely forwarding packets toward each other. It forwards any kind of packet (IPv4, IPv6 or other) sent over the virtual point-to-point device (e.g. tun0). It fully runs in linux userspace.

yavipin has been written because i wasn't satisfied by the existing alternatives. i published some security holes i know in alternatives to bring awareness to users and help them to do a knowledgeable choise:

Security analysis of VTun: This text is a security analysis of VTun. It includes a description of the security based on the source and lists the possible attacks. An attacker can modify packets, replay them, learn pattern of the plain text or easily guess low-entropy password. Security flaws in tinc: This text describes security flaws in Tinc. It includes a description of the security and lists the possible attacks. An attacker can modify packets, replay them and learn pattern of the plain text.

When designing the protocol and writting the software, the author used the following criteria: the security MUST as strong as reasonably possible, yavipin SHOULD be network efficient, easy to use and install.

Network efficiency:

small packet overhead: 26bytes (e.g. ESP with DES+MD5 is 32byte) Packet compression: Forwarded packets may be compressed using deflate (gzip). (WORK: add stat about efficiency) NAT compatible: yavipin's tunnel may be establish over NAT as all packets of a tunnel are sent over a single UDP/IPv4 connection. Moreover the peer unreachability detection periodically send packets which prevent the NAT engine from timing out the connection state. Peer unreachabilty detection: If the other peer becomes unreachable, it will be detected. It is done ala IPv6 neighbours discovery (rfc2461.7). Gracefull shutdown: If a peer purposely stops, it will notify the other which is immediatly aware of it.

Usage's simplicity:

it works in userspace and you don't need to recompile the kernel reuse existing tools: As yavipin use a virtual device, it is possible to apply to the tunnel any tool designed for network device. For example, it is possible to set up a firewall using ipchains/netfilter or to do traffic shapping using the kernel's traffic control (see tc).

Security's strength:

packet security: each packet exchanged during the connection is encrypted using blowfish CFB and authenticated with HMAC-MD5 96bits. protection against packet replay: It uses strict anti-replay and no packet can be accepted twice. A eavedropper can't take a packet, keep it for a while and make it accept a second time by the destination. Efficient session key renewal: It uses hash chains for efficiency. It allows smooth key transition not to cause any packet loss during the renewal. It provides forward secrecy inside the connection. Protect DoS ala TCP syn : It uses cookie exchange (rfc2522.3) during the connection establishement. Forward secrecy : Even if the attacker cracks the box, he won't be able to decrypt network traffic older than a given delay (default 10min). The diffie-hellman private key and the session key are periodically renewed and securely erased from memory.