]> Cypherpunks.ru repositories - govpn.git/blobdiff - doc/overview.texi
projects / govpn.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Use A-EKE instead of EKE. Doc refactoring. Preparing for 3.0 release
[govpn.git] / doc / overview.texi
diff --git a/doc/overview.texi b/doc/overview.texi
index 1886f0318e0de5bd61e37fe0757da3c75e9eb7c5..f6b81ac771075f02233896e49d58619ac6f45b16 100644 (file)
--- a/doc/overview.texi
+++ b/doc/overview.texi
@@ -11,12 +11,17 @@ goals for that daemon. Most modern widespread protocols and their
 implementations in software are too complex to be reviewed, analyzed and
 modified.
 
 implementations in software are too complex to be reviewed, analyzed and
 modified.
 
-State off art cryptography technologies include:
+State off art cryptography technologies includes:
 @url{http://cr.yp.to/snuffle.html, Salsa20} stream encryption,
 @url{http://143.53.36.235:8080/tea.htm, XTEA} PRP,
 @url{http://cr.yp.to/mac.html, Poly1305} message authentication,
 @url{http://cr.yp.to/snuffle.html, Salsa20} stream encryption,
 @url{http://143.53.36.235:8080/tea.htm, XTEA} PRP,
 @url{http://cr.yp.to/mac.html, Poly1305} message authentication,
-@url{https://en.wikipedia.org/wiki/Encrypted_key_exchange, Diffie-Hellman Encrypted Key Exchange}
-(DH-EKE) powered by @url{http://cr.yp.to/ecdh.html, Curve25519}.
+@url{https://en.wikipedia.org/wiki/PBKDF2} password-based key derivation
+function based on @url{https://en.wikipedia.org/wiki/SHA-2, SHA-512}
+hash function,
+@url{https://en.wikipedia.org/wiki/Encrypted_key_exchange,
+Diffie-Hellman Augmented Encrypted Key Exchange}
+(DH-A-EKE) powered by @url{http://cr.yp.to/ecdh.html, Curve25519} and
+@url{http://ed25519.cr.yp.to/, Ed25519} signatures.
 Strong
 @url{https://en.wikipedia.org/wiki/Zero-knowledge_password_proof, zero-knowledge}
 mutual authentication with key exchange stage is invulnerable
 Strong
 @url{https://en.wikipedia.org/wiki/Zero-knowledge_password_proof, zero-knowledge}
 mutual authentication with key exchange stage is invulnerable
@@ -24,8 +29,10 @@ to man-in-the-middle attacks.
 @url{https://en.wikipedia.org/wiki/Forward_secrecy, Perfect forward secrecy}
 property guarantee that compromising of long-term authentication
 pre-shared key can not lead to previously captured traffic decrypting.
 @url{https://en.wikipedia.org/wiki/Forward_secrecy, Perfect forward secrecy}
 property guarantee that compromising of long-term authentication
 pre-shared key can not lead to previously captured traffic decrypting.
-Rehandshaking ensures session keys rotation. MAC authentication with
-one-time keys protects against
+Compromising of peers password file on server side won't allow attacker
+to masquerade as the client, because of asymmetric @strong{verifiers}
+usage, resistant to dictionary attacks. Rehandshaking ensures session
+keys rotation. MAC authentication with one-time keys protects against
 @url{https://en.wikipedia.org/wiki/Replay_attack, replay attacks}.
 
 Server can work with several clients simultaneously. Each client is
 @url{https://en.wikipedia.org/wiki/Replay_attack, replay attacks}.
 
 Server can work with several clients simultaneously. Each client is
@@ -36,7 +43,7 @@ are applied per-peer separately.
 Optional ability to hide payload packets lengths by appending
 @strong{noise} to them during transmission. Ability to generate constant
 packet rate traffic (@strong{CPR}) that will hide even the fact of
 Optional ability to hide payload packets lengths by appending
 @strong{noise} to them during transmission. Ability to generate constant
 packet rate traffic (@strong{CPR}) that will hide even the fact of
-packets appearance.
+packets appearance, their timestamps.
 
 The only platform specific requirement is TAP network interface support.
 API to that kind of device is different, OS dependent and non portable.
 
 The only platform specific requirement is TAP network interface support.
 API to that kind of device is different, OS dependent and non portable.
@@ -57,6 +64,9 @@ network interfaces on top of UDP entirely
 @item IPv6 compatible
 @item Encrypted and authenticated payload transport
 @item Relatively fast handshake
 @item IPv6 compatible
 @item Encrypted and authenticated payload transport
 @item Relatively fast handshake
+@item Password-authenticated key exchange
+@item Server-side password verifiers are secure against dictionary attacks
+@item Attacker can not masquerade a client even with password files compromising
 @item Replay attack protection
 @item Perfect forward secrecy property
 @item Mutual two-side authentication
 @item Replay attack protection
 @item Perfect forward secrecy property
 @item Mutual two-side authentication
@@ -65,7 +75,7 @@ network interfaces on top of UDP entirely
 @item Several simultaneous clients support
 @item Per-client configuration options
 @item Hiding of payload packets length with noise
 @item Several simultaneous clients support
 @item Per-client configuration options
 @item Hiding of payload packets length with noise
-@item Hiding of payload packets appearance with constant packet rate traffic
+@item Hiding of payload packets timestamps with constant packet rate traffic
 @item Optional built-in HTTP-server for retrieving information about
 known connected peers in @url{http://json.org/, JSON} format
 @end itemize
 @item Optional built-in HTTP-server for retrieving information about
 known connected peers in @url{http://json.org/, JSON} format
 @end itemize
Simple secure free software VPN daemon