aimed to be reviewable, secure and
@url{https://en.wikipedia.org/wiki/Deep_packet_inspection, DPI}/censorship-resistant.
-@itemize @bullet
+@itemize
@item
Copylefted free software: licenced under
@url{https://www.gnu.org/licenses/gpl-3.0.html, GPLv3+}.
Fast strong @ref{PAKE, passphrase authenticated} augmented
@ref{Handshake, key agreement protocol} with zero-knowledge mutual peers
authentication (PAKE DH A-EKE (Diffie-Hellman Augmented Encrypted Key
-Exchange)), censorship resistant (indistinguishable from noise, with
-hidden packet's length).
+Exchange)).
@item
@ref{Verifier structure, Augmented authentication tokens} resistant to
-offline dictionary attacks. An attacker can not masquerade a client
-even with server passphrase verifiers compromising.
+offline dictionary attacks. They use CPU and memory hardened hashing
+algorithm. An attacker can not masquerade a client even with server
+passphrase verifiers compromising.
@item
Encrypted and authenticated @ref{Transport, payload transport}
with 128-bit @ref{Developer, security margin} state-of-the-art
-cryptography and censorship resistance (indistinguishability from noise
-and hiding of packet's length).
+cryptography.
+@item
+Censorship resistant handshake and transport messages: fully
+indistinguishable from the noise with optionally hidden packets lengths.
@item
@url{https://en.wikipedia.org/wiki/Forward_secrecy, Perfect forward secrecy}
property.