How secure is gen_tcp

I am using :gen_tcp to send raw data between peers. How secure is gen_tcp? Do I need to add an extra security layer on top of what gen_tcp currently provides?

:gen_tcp fulfills the TCP standard very well, what do you means how secure? Like no buffer overflow packet handling or so? It’s not susceptible to those things, so what are you meaning?

I am sorry I am new here. I guess I should have phrased my question better.
What I meant was would gen_tcp handles file corruption, data encryption, … Or do I need to implement those things myself?

There’s no file’s for TCP communication. However TCP itself is a reliable protocol, it already tries to prevent corruption for data transferred.

This is a layer above TCP, not TCP itself. This would be like ssl, so look at :gen_ssl, which it itself runs on top of :gen_tcp.


TCP does not know about files or encryption by itself, so you need to implement another transfer protocol on top that suites your needs.

TCP only saves you for packet loss as it will rerequest packages that are missing from a sequence. AFAIR also packages are checksummed but I’m not sure about that one…

Nevertheless, gen_tcp won’t give you magically more or better guarantees that TCP would give you.


Thank you @NobbZ and @OvermindDL1! Any suggestion on what I should do to implement a secure file transferring?

Use ssh module if you can and setup SSH server on the other end. In that way you will not need anything extra.


Depends on what you are transferring to or from?

If it’s multiple local erlang nodes, could just use the standard distribution, if it’s remote erlang nodes then standard distribution over an SSH tunnel. Honestly I’d just use :ssh_sftp regardless of what it is, or a web server.


Unfortunately, I can’t do an ssh. I am doing a P2P file transfer between untrusted devices.

SSH works just fine for that, one connects to the other, they just host a little ssh thing and the other connects and transfers what it needs fully encrypted.


Thank you! I will try it out!

1 Like