scripts which run during compilation require the EMPH(Bourne
again shell). It is most likely already installed.
- - XREFERENCE(http://www.openssl.org/, openssl). The EMPH(Secure
- Sockets Layer) library is needed for cryptographic routines
- on both the server and the client side. It is usually shipped
- with the distro, but you might have to install the "development
- package" (called libssl-dev on debian systems) as well.
+ - XREFERENCE(http://www.openssl.org/, openssl) or
+ XREFERENCE(ftp://ftp.gnupg.org/gcrypt/libgcrypt/, libgcrypt).
+ At least one of these two libraries is needed as the backend
+ for cryptographic routines on both the server and the client
+ side. Both openssl and libgcrypt are usually shipped with the
+ distro, but you might have to install the development package
+ (libssl-dev or libgcrypt-dev on debian systems) as well.
- XREFERENCE(ftp://ftp.gnu.org/pub/gnu/help2man, help2man)
is used to create the man pages.
this point on the communication is encrypted using the RC4
stream cipher with the session key known to both peers.
-paraslash relies on the quality of openssl's cryptographically strong
-pseudo-random bytes, on the security of the implementation of the
-openssl RSA and RC4 crypto routines and on the infeasibility to invert
-the SHA1 function.
+paraslash relies on the quality of the pseudo-random bytes provided
+by the crypto library (openssl or libgcrypt), on the security of
+the implementation of the RSA and RC4 crypto routines and on the
+infeasibility to invert the SHA1 function.
Neither para_server or para_client create RSA keys on their own. This
has to be done once for each user as sketched in REFERENCE(Quick start,
projects / paraslash.git / commitdiff