Yavipind is a secure tunnel, i.e. two peers securely forwarding packets
to each other.
It forwards any kind of packet (IPv4, IPv6 or other) sent over the virtual
point-to-point device (e.g. tun0).
It runs entirely in Linux userspace.
A comprehensive introduction
(originally written for
is available. It is an overview of yavipin's capabilities and motivations.
You can download
it or look at the ChangeLog.
Analyses of other secure tunnels:
yavipin was written because I wasn't satisfied with the existing
alternatives. I published some security holes I know of in those alternatives
to raise users' awareness and help them make a knowledgeable
- Security analysis of VTun:
This text is a security analysis of VTun.
It includes a description of its security, based on the source code, and
lists the possible attacks.
An attacker can modify packets, replay them, learn patterns
of the plaintext, or easily guess a low-entropy password.
- Security flaws in tinc:
This text describes security flaws in tinc.
It includes a description of its security and
lists the possible attacks.
An attacker can modify packets, replay them, and learn patterns
of the plaintext.
When designing the protocol and writing the software, the author
used the following criteria:
the security MUST be as strong as reasonably possible; yavipin SHOULD be
network efficient, and easy to use and install.
- small packet overhead: 26 bytes (e.g. ESP with DES+MD5 is 32 bytes)
- Packet compression:
Forwarded packets may be compressed using deflate (gzip).
(WORK: add stat about efficiency)
- NAT compatible:
A yavipin tunnel may be established through NAT, as
all packets of a tunnel are sent over a single UDP/IPv4 flow (one
source/destination address and port pair).
Moreover, the peer unreachability detection periodically sends packets,
which prevents the NAT engine from timing out the connection state.
- Peer unreachability detection:
If the other peer becomes unreachable, it will be detected.
It is done in the manner of IPv6 Neighbor Unreachability Detection
(RFC 2461, section 7).
- Graceful shutdown:
If a peer stops on purpose, it notifies the other, which is
immediately aware of it.
- Fully in userspace: No need to recompile the kernel
- reuse existing tools:
As yavipin uses a virtual device, any tool designed for a network
device can be applied to the tunnel.
For example, it is possible to set up a firewall using
ipchains/netfilter or to do traffic shaping using the
kernel's traffic control (see tc).
- packet security:
each packet exchanged during the connection is encrypted with
Blowfish in CFB mode and authenticated with HMAC-MD5 truncated to 96 bits.
- protection against packet replay:
It uses strict anti-replay: no packet can be accepted twice.
An eavesdropper can't capture a packet, keep it for a while and have
it accepted a second time by the destination.
- Efficient session key renewal:
It uses hash chains for efficiency. They allow a smooth key transition
that does not cause any packet loss during the renewal.
This provides forward secrecy inside the connection.
- Protection against DoS à la TCP SYN flooding:
It uses a cookie exchange (RFC 2522, section 3) during connection establishment.
- Forward secrecy:
Even if an attacker compromises the box, he won't be able to decrypt
network traffic older than a given delay (default 10 min).
The Diffie-Hellman private key and the session key are periodically
renewed and securely erased from memory.
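The "packet security" and "protection against packet replay" items above describe the receive-side rule every packet must pass: authenticate with HMAC-MD5 truncated to 96 bits, then accept each sequence number at most once. The following Python is an added illustration written for this page, not yavipin's code: the wire layout (4-byte sequence number, payload, 12-byte tag) and the ESP-style 64-packet sliding window are assumptions, and the payload is treated as opaque already-encrypted bytes because Blowfish-CFB is not in the Python standard library.

```python
import hmac
import hashlib
import struct

TAG_LEN = 12  # HMAC-MD5 truncated to its leftmost 96 bits, as on the page


def mac96(key: bytes, data: bytes) -> bytes:
    """HMAC-MD5 over data, truncated to 96 bits."""
    return hmac.new(key, data, hashlib.md5).digest()[:TAG_LEN]


def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Assumed wire layout (an illustration, not yavipin's format):
    4-byte big-endian sequence number || payload || 96-bit tag.
    `payload` stands for the already-encrypted bytes; the cipher is out of
    scope here (Blowfish-CFB is not in the Python standard library)."""
    body = struct.pack(">I", seq) + payload
    return body + mac96(key, body)


class Receiver:
    """Authenticates every packet, then enforces strict anti-replay with a
    sliding window over sequence numbers (ESP-style; the 64-packet window
    is an assumption, the page only says no packet is accepted twice)."""

    def __init__(self, key: bytes, window: int = 64):
        self.key = key
        self.window = window
        self.mask = (1 << window) - 1
        self.highest = -1  # highest sequence number accepted so far
        self.seen = 0      # bit i set <=> sequence number (highest - i) accepted

    def accept(self, packet: bytes):
        """Return (payload, "ok") or (None, reason)."""
        if len(packet) < 4 + TAG_LEN:
            return None, "too short"
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        # Verify the tag before trusting anything in the packet, with a
        # constant-time comparison so the check does not leak timing.
        if not hmac.compare_digest(mac96(self.key, body), tag):
            return None, "bad tag"
        seq = struct.unpack(">I", body[:4])[0]
        if seq > self.highest:
            # Newer than anything seen: slide the window forward.
            shift = seq - self.highest
            self.seen = 1 if shift >= self.window else ((self.seen << shift) | 1) & self.mask
            self.highest = seq
            return body[4:], "ok"
        offset = self.highest - seq
        if offset >= self.window:
            return None, "too old"
        if (self.seen >> offset) & 1:
            return None, "replay"  # same authenticated packet a second time
        self.seen |= 1 << offset
        return body[4:], "ok"


if __name__ == "__main__":
    k = b"\x2a" * 16  # constructed demo key
    rx = Receiver(k)
    captured = seal(k, 7, b"constructed payload")
    print(rx.accept(captured))  # accepted the first time
    print(rx.accept(captured))  # rejected as a replay
```

The order matters: the tag is checked before the sequence number is even parsed, so a forged packet cannot move the window, and a captured packet re-sent later is rejected because its bit is already set (or it has fallen out of the window).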
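The "Efficient session key renewal" and "Forward secrecy" items rely on the same mechanism: a one-way hash chain, where the next key is derived from the current one and the old one is erased, and a transition window during which the receiver still accepts the previous generation so no in-flight packet is lost. This Python is an added example written for this page, not yavipin's protocol or code: the SHA-256 chain step, the 1-byte generation number in the header and the HMAC-MD5-96 tag are assumptions, and anti-replay is omitted.

```python
import hashlib
import hmac

TAG_LEN = 12  # HMAC-MD5-96, as on the page


def next_key(key: bytes) -> bytes:
    """One link of the chain: k[i+1] = H(k[i]). The hash is one-way, so a
    holder of k[i+1] cannot recover k[i]; once k[i] is erased, traffic it
    protected stays secret. SHA-256 with a fixed label is an assumption."""
    return hashlib.sha256(b"example-key-chain" + key).digest()


def mac96(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.md5).digest()[:TAG_LEN]


class ChainEndpoint:
    """One side of the tunnel. Packets carry a 1-byte generation number
    (an assumed layout) so the receiver knows which link to use.
    Anti-replay is handled elsewhere and omitted here."""

    def __init__(self, root_key: bytes):
        self.gen = 0
        self.key = root_key
        self.prev_key = None  # previous link, kept only during the transition

    def renew(self):
        """Advance one link but keep the old key for packets still in flight."""
        self.prev_key = self.key
        self.key = next_key(self.key)
        self.gen += 1

    def finish_renewal(self):
        """End of the transition: drop the old key. (Python cannot wipe memory
        in place; native code would zero the buffer before freeing it.)"""
        self.prev_key = None

    def seal(self, payload: bytes) -> bytes:
        body = bytes([self.gen & 0xFF]) + payload
        return body + mac96(self.key, body)

    def open(self, packet: bytes):
        if len(packet) < 1 + TAG_LEN:
            return None
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        gen = body[0]
        if gen == self.gen & 0xFF:
            key = self.key
        elif self.prev_key is not None and gen == (self.gen - 1) & 0xFF:
            key = self.prev_key          # late packet from the old generation
        elif gen == (self.gen + 1) & 0xFF:
            key = next_key(self.key)     # peer renewed first: derive forward
            if not hmac.compare_digest(mac96(key, body), tag):
                return None
            self.renew()                 # only switch after the tag verified
            return body[1:]
        else:
            return None
        if hmac.compare_digest(mac96(key, body), tag):
            return body[1:]
        return None


def attacker_can_read(compromised_key: bytes, packet: bytes, depth: int = 16) -> bool:
    """Can someone who stole the current key verify this packet? They can
    walk the chain forward (derive later keys) but not backward."""
    body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    key = compromised_key
    for _ in range(depth):
        if hmac.compare_digest(mac96(key, body), tag):
            return True
        key = next_key(key)
    return False
```

The point of `attacker_can_read` is the asymmetry: with the current key an attacker verifies current and future traffic, but a packet protected by an earlier, erased link stays out of reach, which is the "forward secrecy inside the connection" the page claims. The page's 10-minute delay bounds how long an old link is kept before `finish_renewal` erases it.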
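The "Protection against DoS" item refers to the Photuris-style cookie exchange of RFC 2522, section 3: the responder answers the first message with a cookie it can recompute, allocates nothing, and only creates state when the cookie comes back from the address it was issued to. The Python below is an added example written for this page, not yavipin's code: the cookie construction (HMAC-MD5 over source address, port, initiator cookie and a time slot), the 60-second rotation period and the message layout are assumptions.

```python
import hashlib
import hmac
import os
import struct

COOKIE_LEN = 16  # 128-bit cookies, as in Photuris


class Responder:
    """The answering peer. It allocates no state on the first message;
    the cookie it returns is a keyed hash it can recompute later, so a
    flood of spoofed first messages costs it nothing but CPU and bandwidth.
    The secret rotation period and message layout are assumptions."""

    def __init__(self, secret: bytes = None, period: int = 60):
        self.secret = secret or os.urandom(32)
        self.period = period
        self.sessions = {}  # populated only once a cookie has been returned

    def _slot(self, now: float) -> int:
        return int(now) // self.period

    def _cookie(self, addr: str, port: int, initiator_cookie: bytes, slot: int) -> bytes:
        # Bind the cookie to the claimed source and to the initiator's own
        # cookie, so it is useless from any other address or for any other
        # exchange, and to a time slot so it expires.
        msg = addr.encode() + struct.pack(">HQ", port, slot) + initiator_cookie
        return hmac.new(self.secret, msg, hashlib.md5).digest()[:COOKIE_LEN]

    def on_cookie_request(self, addr, port, initiator_cookie, now) -> bytes:
        """Message 1 -> 2: reply with a cookie and remember nothing."""
        return self._cookie(addr, port, initiator_cookie, self._slot(now))

    def on_exchange_request(self, addr, port, initiator_cookie, responder_cookie, now) -> bool:
        """Message 3: the initiator proved it can receive at (addr, port).
        Accept the current slot and the one before it, so a request
        straddling a slot boundary is not rejected."""
        slot = self._slot(now)
        for s in (slot, slot - 1):
            expected = self._cookie(addr, port, initiator_cookie, s)
            if hmac.compare_digest(expected, responder_cookie):
                self.sessions[(addr, port)] = {"initiator_cookie": initiator_cookie}
                return True
        return False


def new_initiator_cookie() -> bytes:
    """The initiator's cookie: random, and never reused."""
    return os.urandom(COOKIE_LEN)


if __name__ == "__main__":
    r = Responder()
    ic = new_initiator_cookie()
    c = r.on_cookie_request("192.0.2.10", 4000, ic, now=1000)  # constructed peer
    print(r.on_exchange_request("192.0.2.10", 4000, ic, c, now=1005))   # True
    print(r.on_exchange_request("192.0.2.99", 4000, ic, c, now=1005))   # False: wrong source
    print(len(r.sessions))                                               # 1
```

The analogy to TCP SYN cookies is exact: the responder's only per-source cost before the third message is one HMAC, so an attacker spoofing thousands of first messages cannot exhaust its session table, and a cookie replayed from another address or after its slot has expired is refused.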
Currently, yavipind has been tested only on linux-2.4 and will be ported
soon to linux-2.2.
Porting it to another UNIX should not be too hard. The new OS must
support openssl, glib and virtual tunnels. openssl and glib are
very portable, and the Universal TUN/TAP device
driver is supported by Linux, Solaris and FreeBSD. Any volunteer?
The yavipin protocol and software have been written by Jerome Etienne (jme
The yavipin project is hosted by