Encryption

The encryption functionality in openUTM-Client has been revised. Security gaps have been closed, modern methods have been adopted and delivery has been simplified as follows:

• UTM-CLIENT-CRYPT variant
  Until now, the encryption functionality in openUTM-Client was only available if the product UTM-CLIENT-CRYPT was installed. With openUTM Client V7.0 this is no longer necessary. As of this version, it is decided at runtime whether the encryption functionality is available or not.

• Security
  A vulnerability has been fixed when communicating with a UTM application.

• Encryption Level 5
  The o penUTM client  V7.0 supports communication with UTM V7.0 applications when ENCRYPTION-LEVEL 5 was generated for the connections to the UPIC client.
  With Level 5 the Diffie-Hellman method, based on Elliptic Curves, is used to agree on the session key. Input/output messages are encrypted using the AES-GCM algorithm. AES-GCM is an authenticated encryption algorithm designed to provide both data authenticity (integrity) and confidentiality.
  Level 5 is supported by the openUTM-Client on all platforms.
• Encryption BS2000
  openUTM-Client (BS2000) uses openSSL instead of BS2000-CRYPT analogous to Unix, Linux and Windows systems.