GoVPN это простой демон виртуальных частных сетей, код которого нацелен
на лёгкость чтения и анализа, безопасность, устойчивость к DPI/цензуре.
-@itemize @bullet
+@itemize
@item
Свободное программное обеспечение, копилефт: лицензировано под условиями
@url{https://www.gnu.org/licenses/gpl-3.0.ru.html, GPLv3+}.
aimed to be reviewable, secure and
@url{https://en.wikipedia.org/wiki/Deep_packet_inspection, DPI}/censorship-resistant.
-@itemize @bullet
+@itemize
@item
Copylefted free software: licenced under
@url{https://www.gnu.org/licenses/gpl-3.0.html, GPLv3+}.
Let's assume that there is some insecure link between your computer and
WiFi-reachable gateway.
-@itemize @bullet
+@itemize
@item You have got @code{wlan0} NIC with 192.168.0/24 network on it.
@item You want to create virtual encrypted and authenticated 172.16.0/24
network and use it as a default transport.
@verb{|R + enc(H(DSAPub), R, El(CDHPub)) + IDtag -> Server|} [48 bytes]
@item
-@itemize @bullet
+@itemize
@item Server remembers client address.
@item Decrypts @code{El(CDHPub)}.
@item Inverts @code{El()} encoding and gets @code{CDHPub}.
@verb{|enc(H(DSAPub), R+1, El(SDHPub)) + enc(K, R, RS + SS) + IDtag -> Client|} [80 bytes]
@item
-@itemize @bullet
+@itemize
@item Client decrypts @code{El(SDHPub)}.
@item Inverts @code{El()} encoding and gets @code{SDHPub}.
@item Computes @code{K}.
@verb{|enc(K, R+1, RS + RC + SC + Sign(DSAPriv, K)) + IDtag -> Server|} [120 bytes]
@item
-@itemize @bullet
+@itemize
@item Server decrypts @code{RS}, @code{RC}, @code{SC},
@code{Sign(DSAPriv, K)}.
@verb{|ENC(K, R+2, RC) + IDtag -> Client|} [16 bytes]
@item
-@itemize @bullet
+@itemize
@item Client decrypts @code{RC}
@item Compares with its own one sent before.
@item Computes final session encryption key as server did.
Possibly GoVPN already exists in your distribution:
-@itemize @bullet
+@itemize
@item @url{https://aur.archlinux.org/packages/govpn/, AUR}
@item @url{http://www.freshports.org/security/govpn/, FreeBSD ports}
@end itemize
@node Media
@unnumbered In the media
-@itemize @bullet
+@itemize
@item @url{http://habrahabr.ru/company/ivi/blog/256365/, Реализуем безопасный VPN-протокол} (on russian)
@item @url{http://habrahabr.ru/company/ivi/blog/257431/, Реализуем ещё более безопасный VPN-протокол} (on russian)
@item @url{http://www.linuxspace.org/archives/9449, Установка и настройка безопасного VPN-демона GoVPN 3.2} (on russian)
@table @strong
@item Release 4.0
-@itemize @bullet
+@itemize
@item Handshake messages can be noised: their messages lengths are
hidden. Now they are indistinguishable from transport messages.
@item Parallelized clients processing on the server side.
@end itemize
@item Release 3.5
-@itemize @bullet
+@itemize
@item Ability to use @ref{Network, TCP} network transport.
Server can listen on both UDP and TCP sockets.
@item Ability to use @ref{Proxy, HTTP proxies} (through CONNECT method)
@end itemize
@item Release 3.4
-@itemize @bullet
+@itemize
@item Ability to use external @ref{EGD}-compatible PRNGs. Now you are
able to use GoVPN even on systems with the bad @code{/dev/random},
providing higher quality entropy from external sources.
@end itemize
@item Release 3.3
-@itemize @bullet
+@itemize
@item Compatibility with an old GNU Make 3.x. Previously only BSD Make
and GNU Make 4.x were supported.
@item /dev/urandom is used for correct client identity generation under
@end itemize
@item Release 3.2
-@itemize @bullet
+@itemize
@item
Deterministic building: dependent libraries source code commits are
fixed in our makefiles.
@end itemize
@item Release 3.1
-@itemize @bullet
+@itemize
@item
Diffie-Hellman public keys are encoded with Elligator algorithm when
sending over the wire, making them indistinguishable from the random
@end itemize
@item Release 3.0
-@itemize @bullet
+@itemize
@item
EKE protocol is replaced by Augmented-EKE and static symmetric (both
sides have it) pre-shared key replaced with server-side verifier. This
@end itemize
@item Release 2.4
-@itemize @bullet
+@itemize
@item
Added ability to optionally run built-in HTTP-server responding with
JSON of all known connected peers information. Real-time client's
@end itemize
@item Release 2.3
-@itemize @bullet
+@itemize
@item
Handshake packets became indistinguishable from the random.
Now all GoVPN's traffic is the noise for men in the middle.
@end itemize
@item Release 2.2
-@itemize @bullet
+@itemize
@item Fixed several possible channel deadlocks.
@end itemize
@item Release 2.1
-@itemize @bullet
+@itemize
@item Fixed Linux-related building.
@end itemize
@item Release 2.0
-@itemize @bullet
+@itemize
@item Added clients identification.
@item Simultaneous several clients support by server.
@item Per-client up/down scripts.
@end itemize
@item Release 1.5
-@itemize @bullet
+@itemize
@item Nonce obfuscation/encryption.
@end itemize
@item Release 1.4
-@itemize @bullet
+@itemize
@item Performance optimizations.
@end itemize
@item Release 1.3
-@itemize @bullet
+@itemize
@item Heartbeat feature.
@item Rehandshake feature.
@item up- and down- optinal scripts.
@end itemize
@item Release 1.1
-@itemize @bullet
+@itemize
@item FreeBSD support.
@end itemize
@item Release 1.0
-@itemize @bullet
+@itemize
@item Initial stable release.
@end itemize
client-server authentication. Is is secure, but not convenient for some
user use-cases:
-@itemize @bullet
+@itemize
@item Compromising of passphrase files on either server or client side
allows attacker to masquerade himself a client.
@item To prevent compromising of keys on the client side, one needs some
Thanks for contributions and suggestions to:
-@itemize @bullet
+@itemize
@item
@url{https://www.schneier.com/books/applied_cryptography/, Applied Cryptography}
@copyright{} 1996 Bruce Schneier.