Re: [usbip-devel] SSL support
Status: Alpha
Brought to you by:
hirofuchi
Menu
▾
▴
Re: [usbip-devel] SSL support
|
From: Tobias P. <tob...@fa...> - 2016-04-09 13:28:42
|
On 04/09/2016 03:53 AM, Qubyte wrote: > I am going to be looking into trying to implement SSL support in usbipd. Dominik Paulus and I made an attempt at supporting encryption for usbip in 2013. It wasn't perfect (and has not been merged), but a few people worked on it afterwards and the maintainer expressed interest in merging it in 2014 (https://lkml.org/lkml/2014/11/9/145). After that, nothing happened. > Obviously, for storage devices this would not be an optimal solution, > however, implementing an SSL transport for HID based devices would be nice. I am not sure what your rationale is here. While more encryption is almost always better, really securing HID devices in practise is difficult, e.g. look at "Timing Analysis of Keystrokes and Timing Attacks on SSH." by Song and Wagner. > usbipd also needs ACLs as well, especially if one host wants to restrict > access to certain usb devices. Some primitive ACLs already exist in the current code, which can be found in the drivers/usb/usbip subdirectory of the Linux kernel source. The Linux Kernel is currently the only actively maintained part of usbip, so you should definitely write to the kernel mailing list if you want to implement advanced capabilities. If on the other hand you are interested in the Windows code, I think it wants to be adopted ;). Regards Tobias Polzer |
