Re: Modifying Cryptography code

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sep 6, 2005, at 08:38:48, Alaa Dalghan wrote:
What I am looking for is the portion of the C code in the kernel where
the Decryption function is called to decrypt a received packet. When I
find this statement, maybe i can make it conditionnal such as:  If the
destination is me then Decrypt  else DO NOT!

You can't make this work.  First of all, the other WinXP clients would
be completely unable to decrypt your packets, because they don't have
the right key.  Secondly, the kernel cannot know what the destination
is until *after* it has decrypted the packet, because the real target
address is encrypted along with the rest of the data for security.  If
your OpenSwan box is too slow, get a faster OpenSwan box, don't try to
break the encryption to make it faster.  You cannot remove enough
encryption features to get the required extra speed without disabling
the encryption entirely.

Cheers,
Kyle Moffett

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCM/CS/IT/U d- s++: a18 C++++>$ UB/L/X/*++++(+)>$ P+++(++++)>$ L++++(+ ++) E W++(+) N+++(++) o? K? w--- O? M++ V? PS+() PE+(-) Y+ PGP+++ t+(+++) 5 X R?
tv-(--) b++++(++) DI+ D+ G e->++++$ h!*()>++$ r  !y?(-)
------END GEEK CODE BLOCK------


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]
  Powered by Linux