Hi, this patch series extends our previous set of patches (see [1]). We extended the crypto support so all of the usbip network traffic can now be completely encrypted and authenticated. We now use GnuTLS not only for password verification, but extend the lifetime of the TLS connection to cover all of the userland communications. Before handing over the connection to the kernel, two randomly generated 128 bit session keys are exchanged between client and server and stored in sysfs together with the sockfd. The kernel uses these keys to encrypt and authenticate all of the traffic using AES-GCM and the linux crypto API. Separate keys are used for both directions of the data channel. To the best of our knowledge, the implemented encryption should provide decent security. However, it still lacks complete review; we also note that in the documentation. As mentioned in the project README, the network protocol needs more discussion. This series increments the protocol version, because the improved crypto support breaks compatibility with the previous patch series[1]. In the long term, the protocol should be extended to support proper feature negotiation. If both patch series are merged as one, the protocol version increment can be omitted - both patch series are compatible with unauthenticated transport, but are incompatible with each other. Regards, Tobias Polzer and Dominik Paulus [1] <1379066161-8278-1-git-send-email-dominik.paulus@xxxxxx>, https://lkml.org/lkml/2013/9/13/104 _______________________________________________ devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxx http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel