[Cryptography] GoVPN -- reviewable secure state-off-art crypto free software VPN daemon
stargrave at stargrave.org
stargrave at stargrave.org
Sun May 3 09:44:52 EDT 2015
GoVPN project should be interesting in this maillist: http://www.cypherpunks.ru/govpn/
Aimed to be reviewable, secure, DPI-resistant, state-off-art crypto
free software VPN daemon.
It is written on Go, so has small source code size. Uses fast
Password Authenticated Key Exchange (PAKE) based on Diffie-Hellman (DH)
Augmented Encrypted Key Exchange (A-EKE) for mutual strong
zero-knowledge peers authentication, using Curve25519 and Ed25519. Data
transport is encrypted (Salsa20), authenticated (Poly1305), hides
message's length and timestamp by appending noise and generating
constant packet rate dummy traffic. Perfect Forward Secrecy (PFS)
property, resistance to dictionary attacks (PBKDF2 and server-side
verifiers), replay attacks (nonces). Built-in heartbeating,
rehandshaking. All traffic is indistinguishable from the noise.
Feedback is appreciated!
--
Happy hacking, Sergey Matveev
More information about the cryptography
mailing list