[zeromq-dev] Is there a guide on how to set up encryption for ZMQ?

Pieter Hintjens ph at imatix.com
Sun Feb 16 09:48:27 CET 2014


There's a guide to ZeroMQ v4's security, on http://hintjens.com/blog:_zeromq.

JeroMQ support is coming, without timelines. It always depends on pull
from users and funding.

All security is experimental until it's broken. Rolling your own
security would be the worst option. You can study the CurveZMQ docs in
detail to see how it works, and get some level of confidence. It comes
down to trusting NaCl and CurveCP, and the implementation of CurveZMQ
in libzmq.

At this stage I'd assume there are far easier exploits into a ZeroMQ
peer than by cracking its front-door security, if you use CURVE.

I hope this helps.

-Pieter

On Sat, Feb 15, 2014 at 3:05 PM, Stephane Wirtel <stephane at wirtel.be> wrote:
> May be use the same principle of salt, use aes
>
> On 15 févr. 2014, at 02:41 PM, Mark Wright <markscottwright at gmail.com>
> wrote:
>
> I'm looking to at least encrypt messages on the wire, at most to mutually
> authenticate clients and servers.  The CurveZMQ site says that it's
> "experimental" - is it not ready for use?
>
> Is there a timeline for JeroMQ support?
>
> --
> Mark Wright
> markscottwright at gmail.com
>
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>
>
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>



More information about the zeromq-dev mailing list