GoVPN project should be interesting in this maillist: http://www.cypherpunks.ru/govpn/ Aimed to be reviewable, secure, DPI-resistant, state-off-art crypto free software VPN daemon.
It is written on Go, so has small source code size. Uses fast Password Authenticated Key Exchange (PAKE) based on Diffie-Hellman (DH) Augmented Encrypted Key Exchange (A-EKE) for mutual strong zero-knowledge peers authentication, using Curve25519 and Ed25519. Data transport is encrypted (Salsa20), authenticated (Poly1305), hides message's length and timestamp by appending noise and generating constant packet rate dummy traffic. Perfect Forward Secrecy (PFS) property, resistance to dictionary attacks (PBKDF2 and server-side verifiers), replay attacks (nonces). Built-in heartbeating, rehandshaking. All traffic is indistinguishable from the noise. Feedback is appreciated! -- Happy hacking, Sergey Matveev _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
