After some more work and cleanup, I’ve published my source code at https://github.com/snej/secret-handshake-capnp <https://github.com/snej/secret-handshake-capnp>
Suggestions and fixes gratefully accepted, especially since much of the code is taken from Cap’n Proto itself and was “adapted for radio by putting it on a board and banging a few nails through it”, as Monty Python put it. Here’s the gist of the README: SecretHandshake For Cap’n Proto C++ implementation of the SecretHandshake <https://github.com/auditdrivencrypto/secret-handshake> protocol for the awesome Cap’n Proto <https://capnproto.org/> RPC library. This lets you upgrade your network connections with encryption and mutual authentication, without all the overhead of OpenSSL. (You don’t actually need Cap’n Proto to use this, but if so you’ll need to provide your own networking code.) <https://github.com/snej/secret-handshake-capnp#about-secrethandshake>About SecretHandshake SecretHandshake is “a mutually authenticating key agreement handshake, with forward secure identity metadata.” It was designed by Dominic Tarr and is used in the Secure Scuttlebutt P2P social network. It’s based on 256-bit elliptic Ed25519 key-pairs. The peers each maintain a long-term key pair, whose public key serves as a global identifier. The peer making the connection (“client”) must know the public key of the other peer (“server”) to be able to connect, and the server learns the client’s public key during the handshake. Each peer receives proof that the other has the matching private key. Much more detail is available in the design paper <http://dominictarr.github.io/secret-handshake-paper/shs.pdf>. The handshake also produces two session keys, which are then used to encrypt the channel with the 256-bit symmetric XSalsa20 cipher. (This is not strictly speaking part of the SecretHandshake protocol, which ends after key agreement. Scuttlebutt uses a different encryption scheme based on libSodium’s “secret box”.) -- You received this message because you are subscribed to the Google Groups "Cap'n Proto" group. To unsubscribe from this group and stop receiving emails from it, send an email to capnproto+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/capnproto/8C607A75-64AC-4E6D-A80D-5C0877B7656F%40mooseyard.com.