User Tools

Site Tools


Sidebar

The VSCP Server

Setup

Configure

Server/Service Discovery

Security

Webserver

UDP

Multicast

TCP/IP Interface

TCP/IP Protocol Description

DRIVER

FILE

UDP

REMOTE

INTERFACE

DM

VAR

TABLE

Websocket

Websocket Commands

Widgets

REST interface

Decision Matrix

Tables

Variables

Drivers

Level I Drivers

Level II Drivers

Appendix

Other documentation

security_general

Security

Security is very important in VSCP and so also of course in the VSCP daemon. Still much of it has been put aside during the development of VSCP & Friends. The reason is that the subject of security is difficult and hard and need a lot of thought before it is deployed. But now from version 1.13 of the package security will be implemented in all areas of the framework.

Encryption key

For encryption a 256-bit key is used. This key can be stored in the vscpd.conf file as 32 byte hex string (<general> section <security>) in which case the vscpd.conf file must be protected from read from other uses. The second alternative is to give it as a key when the VSCP server starts up. Use the -k switch for that as

vscpd -kA4A86F7D7E119BA3F0CD06881E371B989B33B6D606A863B633EF529D64544F8E 

If no key is given A4A86F7D7E119BA3F0CD06881E371B989B33B6D606A863B633EF529D64544F8E is used.

For AES128 and AES192 the fist 16 respective 24 bytes is used.

Storage of passwords

Passwords is calculated as SHA256 over “username;authdomain;password”

TCP/IP

  • Uses username/password.
  • Uses SSL.

Password is the MD5 over username:authdomain:password

Web/REST/websockets

  • Uses username/password.
  • Uses SSL

VSCP UDP

  • Encryption with AES128/192/256 and 128 bit random IV.

VSCP Muticast

  • Encryption with AES128/192/256 and 128 bit random IV.

Password is the MD5 over username:authdomain:password




Grodans Paradis AB

security_general.txt · Last modified: 2017/06/25 22:07 by admin