Protocols - wip

Basics

Fiat-Shamir

The Fiat–Shamir heuristic is a technique for taking an interactive proof of knowledge and creating a digital signature based on it. This way, some fact (for example, knowledge of a certain secret number) can be publicly proven without revealing the underlying information. The technique is due to Amos Fiat and Adi Shamir (1986). For the method to work, the original interactive proof must have the property of being public-coin, i.e. the verifier's random coins are made public throughout the proof protocol.
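The transform described above, as an added example that is not part of the original page: it uses Schnorr's identification protocol as the public-coin interactive proof (a choice made here, the page names no particular proof) and then replaces the verifier's coin with a hash to obtain a signature. The group parameters P, Q, G, the hash input layout and all function names are assumptions of this example, and the group is far too small for real use.

```python
import hashlib
import secrets

# Toy Schnorr group (assumption of this example, far too small for real use):
# P = 2*Q + 1 with P and Q prime; G = 4 generates the subgroup of order Q.
P, Q, G = 2039, 1019, 4

def keygen():
    x = secrets.randbelow(Q - 1) + 1          # the secret number the prover knows
    return x, pow(G, x, P)                    # (secret x, public y = G^x mod P)

def check(y, commitment, challenge, response):
    # Verifier's equation: G^s == R * y^c (mod P).
    return pow(G, response, P) == (commitment * pow(y, challenge, P)) % P

def interactive_proof(x, y):
    # Public-coin interactive proof: the verifier's only message is a random coin.
    k = secrets.randbelow(Q - 1) + 1
    commitment = pow(G, k, P)                 # prover -> verifier
    challenge = secrets.randbelow(Q)          # verifier -> prover (the public coin)
    response = (k + challenge * x) % Q        # prover -> verifier
    return check(y, commitment, challenge, response)

def fs_challenge(commitment, y, message):
    # Fiat-Shamir step: the coin becomes a hash of the public values, the
    # commitment and the message, so no verifier has to take part.
    parts = (P, Q, G, y, commitment)
    data = b"|".join(str(v).encode() for v in parts) + b"|" + message
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(x, y, message):
    k = secrets.randbelow(Q - 1) + 1          # fresh nonce for every signature
    commitment = pow(G, k, P)
    c = fs_challenge(commitment, y, message)
    return c, (k + c * x) % Q                 # signature = (challenge, response)

def verify(y, message, signature):
    c, s = signature
    # Recover the commitment R = G^s * y^(-c), then recompute the hash challenge.
    commitment = (pow(G, s, P) * pow(y, (-c) % Q, P)) % P
    return c == fs_challenge(commitment, y, message)

if __name__ == "__main__":
    x, y = keygen()
    sig = sign(x, y, b"constructed sample message")
    print(interactive_proof(x, y), verify(y, b"constructed sample message", sig))
```

Binding the message and the public key into the hash is what turns the proof of knowledge into a signature on that message; reusing the nonce k across two signatures reveals x.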

Direct Anonymous Attestation

A protocol that enables remote authentication of a trusted computer whilst preserving privacy of the platform's user. It has been adopted by the Trusted Computing Group (TCG). See also ISO/IEC 20008.

Quantum Key Distribution

A secure communication method which implements a cryptographic protocol involving components of quantum mechanics. It enables two parties to produce a shared random secret key known only to them, which can then be used to encrypt and decrypt messages.

TLS

IPSEC

IPSEC is a network protocol suite that authenticates and encrypts the packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in virtual private networks (VPNs).

SSH

SSH basics

SSH is a network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution.

SSH operates as a layered protocol suite comprising three principal hierarchical components:

SSH may be used in several ways. In the simplest manner, both ends of a communication channel use automatically generated public-private key pairs to encrypt a connection, and then use a password to authenticate the user.

The command 'ssh -V' prints the version (OpenSSH), and 'man ssh' shows the manual page.

'ssh -Q cipher' queries symmetric ciphers.

'ssh -Q cipher-auth' queries symmetric ciphers that support authenticated encryption.

'ssh -Q mac' queries MACs.

'ssh -Q key', 'ssh -Q key-cert' and 'ssh -Q key-plain' query key types.

'ssh -Q kex' queries key exchange algorithms.

'ssh -Q sig' queries signature algorithms.

SSH other

Signal

The Signal protocol is a cryptographic messaging protocol that provides end-to-end encryption for instant messaging in WhatsApp, Wire, and Facebook Messenger among many others, serving well over 1 billion active users. Signal includes several uncommon security properties (such as "future secrecy" or "post-compromise security"), enabled by a novel technique called *ratcheting* in which session keys are updated with every message sent.

The protocol combines the Double Ratchet algorithm, prekeys, and a triple Elliptic-curve Diffie–Hellman (3-DH) handshake, and uses Curve25519, AES-256, and HMAC-SHA256 as primitives.

Other

I2P

I2P is a scalable, self-organizing, resilient, packet-switched anonymous network layer, upon which any number of different anonymity- or security-conscious applications can operate. Each of these applications may make its own anonymity, latency, and throughput tradeoffs without worrying about the proper implementation of a free route mixnet, allowing them to blend their activity with the larger anonymity set of users already running on top of I2P.

Noise

Nebula

Nebula is a scalable overlay networking tool with a focus on performance, simplicity and security. It lets you seamlessly connect computers anywhere in the world. Nebula is portable, and runs on Linux, OSX, Windows, iOS, and Android. It can be used to connect a small number of computers, but is also able to connect tens of thousands of computers.