Hi Jason,
Thank you for the suggestions!
> - Instead of using siphash, if you can make use of 64 bytes of
> randomness at a time, you might be able to get away with chacha8 (or
> even lower). The input to chacha20 is typically a 256 bit key and a
> nonce, but because we don't care about the
Hi Roman,
> The "Usage" section speaks of "server" and "client". However in the WG world
> there's not really a server or client per se, but all WG network members are
> peers. As such, is it possible to propose an universal set of iptables rules
> that would be fine to use on any network node?
>
ChaCha6 is probably enough crypto-wise here.
On Wed 28 Sep 2022 at 18:35 Jason A. Donenfeld wrote:
> Hey Wei,
>
> On Sat, Sep 10, 2022 at 06:34:42AM -0500, Wei Chen wrote:
> > Hi,
> >
> > Jason once suggested use a netfilter module for obfuscation[1]. Here is
> one.
> >
> > https://github.com/inf
Hey Wei,
On Sat, Sep 10, 2022 at 06:34:42AM -0500, Wei Chen wrote:
> Hi,
>
> Jason once suggested use a netfilter module for obfuscation[1]. Here is one.
>
> https://github.com/infinet/xt_wgobfs
>
> It uses SipHash 1-2 to generate pseudo-random numbers in a reproducible way.
> Sender and receiv