]> Cypherpunks.ru repositories - govpn.git/blobdiff - doc/transport.texi
projects / govpn.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
[DOC] Various small corrections
[govpn.git] / doc / transport.texi
diff --git a/doc/transport.texi b/doc/transport.texi
index 97fdce8ba04e397dca7542d38a3d9214196166cb..f5ca87e1f0576df4af79d0df51595a16caf4c64f 100644 (file)
--- a/doc/transport.texi
+++ b/doc/transport.texi
@@ -2,26 +2,26 @@
 @section Transport protocol
 
 @verbatim
-TAG || ENCRYPTED || NONCE <-- PACKET
+TAG || ENCRYPTED || NONCE --> PACKET
  ^         ^          ^
  |         |          |
- |         |          +------------+
- |         |                       |
- |         +------------+          |
- |                      |          |
- +-->AUTH(AUTH_KEY, ENCRYPTED || NONCE)
-                        ^          ^
-                        |          |
-+-----------------------+          |
-|                                  |
-|                   +--------------+
+ |         |          +-------------+
+ |         |                        |
+ |         +-------------+          |
+ |                       |          |
+ +--AUTH(AUTH_KEY, ENCRYPTED || NONCE)
+                         ^          ^
+                         |          |
++------------------------+          |
+|                                   |
+|                   +---------------+
 |                   |
-+--> ENCRYPT(KEY, NONCE, PAYLOAD)
++--< ENCRYPT(KEY, NONCE, PAYLOAD)
                     ^       ^
                     |       |
-                    |       +--> SIZE || DATA [|| NOISE]
+                    |       +--< DATA || PAD [|| ZEROS]
                     |
-                    +--> PRP(PRP_KEY, SERIAL)
+                    +--< PRP(PRP_KEY, SERIAL)
 @end verbatim
 
 @code{SERIAL} is message's serial number. Odds are reserved for
@@ -36,7 +36,7 @@ XTEA's encryption key is the first 128-bit of Salsa20's output with
 established common key and zero nonce (message nonces start from 1).
 
 @verbatim
-PRP_KEY = ENCRYPT(KEY, 0, 128-bit)
+PRP_KEY = 128bit(ENCRYPT(KEY, 0))
 @end verbatim
 
 @code{ENCRYPT} is Salsa20 stream cipher, with established session
@@ -44,18 +44,27 @@ PRP_KEY = ENCRYPT(KEY, 0, 128-bit)
 Salsa20's output is ignored and only remaining is XORed with ther data,
 encrypting it.
 
-@code{SIZE} is big-endian @emph{uint16} storing length of the
-@code{DATA}.
-
-@code{NOISE} is optional. It is just some junk data, intended to fill up
-packet to MTU size. This is useful for concealing payload packets length.
+@code{DATA} is padded with @code{PAD} (0x80 byte). Optional @code{ZEROS}
+may follow, to fillup packet with the junk to conceal pyload packet
+length.
 
 @code{AUTH} is Poly1305 authentication function. First 256 bits of
 Salsa20's output are used as a one-time key for @code{AUTH}.
 
 @verbatim
-AUTH_KEY = ENCRYPT(KEY, NONCE, 256 bit)
+AUTH_KEY = 256bit(ENCRYPT(KEY, NONCE))
 @end verbatim
 
 To prevent replay attacks we must remember received @code{SERIAL}s and
 drop when receiving duplicate ones.
+
+In @ref{Encless, encryptionless mode} this scheme is slightly different:
+
+@verbatim
+ PACKET = ENCODED || NONCE
+ENCODED = ENCLESS(DATA || PAD || ZEROS)
+  NONCE = PRP(PRP_KEY, SERIAL)
+@end verbatim
+
+@code{ENCLESS} is AONT and chaffing function. There is no need in
+explicit separate authentication.
Simple secure free software VPN daemon