Protocols - wip
The Fiat–Shamir heuristic is a technique for taking an interactive proof of knowledge and creating a digital signature based
on it. This way, some fact (for example, knowledge of a certain secret number) can be publicly proven without revealing
underlying information. The technique is due to Amos Fiat and Adi Shamir (1986). For the method to work, the original
interactive proof must have the property of being public-coin, i.e. verifier's random coins are made public throughout the proof protocol.
Direct Anonymous Attestation
A protocol that enables remote authentication of a trusted computer whilst preserving privacy of the platform's user.
It has been adopted by the Trusted Computing Group (TCG). See also ISO/IEC 20008.
IPSEC is a network protocol suite that authenticates and encrypts the packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in virtual private networks (VPNs).
SSH is a network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution.
SSH operates as a layered protocol suite comprising three principal hierarchical components:
SSH may be used in several ways. In the simplest manner, both ends of a communication channel use automatically generated public-private key pairs to encrypt a connection, and then use a password to authenticate the user.
Command: 'ssh -V' gives version (OpenSSH), 'man ssh' gives info.
'ssh -Q cipher' queries symmetrical ciphers, e.g.
- the transport layer provides server authentication, confidentiality, and integrity
- the user authentication protocol validates the user to the server
- the connection protocol multiplexes the encrypted tunnel into multiple logical communication channels
'ssh -Q cipher-auth' queries symmetric ciphers that support authenticated encryption), e.g.
'ssh -Q mac' queries macs, e.g.
'ssh -Q key', 'ssh -Q key-cert' and 'ssh -Q key-plain' query key types.
'ssh -Q kex' queries key exchange algorithms, e.g.
'ssh -Q sig' queries signature algorithms, e.g.
The Signal protocol is a cryptographic messaging protocol that provides end-to-end encryption for instant messaging in WhatsApp, Wire, and Facebook Messenger among many others,
serving well over 1 billion active users.
Signal includes several uncommon security properties (such as "future secrecy" or "post-compromise security"), enabled by a novel technique called
*ratcheting* in which session keys are updated with every message sent.
The protocol combines the Double Ratchet algorithm, prekeys, and a triple Elliptic-curve Diffie–Hellman (3-DH) handshake,
and uses Curve25519, AES-256, and HMAC-SHA256 as primitives.
I2P is a scalable, self organizing, resilient packet switched anonymous network layer, upon which any number of different
anonymity or security conscious applications can operate. Each of these applications may make their own anonymity, latency,
and throughput tradeoffs without worrying about the proper implementation of a free route mixnet, allowing them to blend
their activity with the larger anonymity set of users already running on top of I2P.
- I2P doc
- I2P ntcp
- I2P ntcp2
- NTCP2 is an authenticated key agreement protocol that improves the resistance of NTCP to various forms of automated identification and attacks
- NoiseProtocol - WhatsApp, I2P, ...
- Noise is a framework for crypto protocols based on Diffie-Hellman key agreement.
Nebula is a scalable overlay networking tool with a focus on performance, simplicity and security. It lets you seamlessly connect computers anywhere in the world. Nebula is portable, and runs on Linux, OSX, Windows, iOS, and Android. It can be used to connect a small number of computers, but is also able to connect tens of thousands of computers.