VirtualPrivateNetwork-VPN

An implementation of VPN using TLS/TCP protocol and TUN interface

Primary Language: C

Virtual Private Network

A Virtual Private Network (VPN) is used to create a private scope of computer communications or to provide a secure extension of a private network into an insecure network such as the Internet. VPNs are a widely used security technology. A VPN can be built upon IPSec or Transport Layer Security (TLS/SSL); these are two fundamentally different approaches to building VPNs. In this lab, I focus on TLS/SSL-based VPNs. This type of VPN is often referred to as a TLS/SSL VPN.

I master the network and security technologies underlying TLS VPNs. The design and implementation of TLS/SSL VPNs exemplify a number of security principles and technologies, including crypto, integrity, authentication, key management, key exchange, and Public-Key Infrastructure (PKI).

One can follow the lab structure to build a UDP-based tunnel in Task 2, and then build a TLS/TCP-based VPN in Tasks 3-5. I also have a demonstration video that shows how the VPN functions and explains the important steps in the code. Please let me know if you need it and I can share a link to the video. The code is written in C.

Motivation

The VPN was created as a part of the Internet Security (CSE644) course at Syracuse University. The course is well structured to understand the concepts of Internet Security.

Key Learnings

  • The VPN gives us an idea of the fundamental principles of internet security, including authentication, public key infrastructure, encryption, key exchange and management, and more.

  • There are many attacks and exploits that can be overcome by just using a VPN.

References

  1. https://www.handsonsecurity.net/courses/intsec/labs.html
  2. Internet Security: A Hands-on Approach by Wenliang Du