public inbox for govpn-devel@lists.cypherpunks.ru
From: stargrave@stargrave•org
To: govpn-devel@lists.cypherpunks.ru
Subject: [Govpn-devel] GoVPN 3.0 release announcement
Date: Sun, 3 May 2015 16:01:14 +0300
Message-ID: <20150503130114.GA37067@stargrave.org>

I am pleased to announce GoVPN 3.0 release availability!

GoVPN is a simple, secure free software virtual private network daemon,
aimed to be reviewable, secure, DPI-resistant, written in Go.

It uses fast PAKE DH A-EKE for mutual strong zero-knowledge peer
authentication. Data transport is encrypted, authenticated, hides
message's length and timestamp. PFS property, resistance to dictionary
attacks, replay attacks. Built-in heartbeating, rehandshaking, real-time
statistics, IPv4/IPv6-compatibility. GNU/Linux and FreeBSD support.

GoVPN's home page is: http://www.cypherpunks.ru/govpn/
also available as Tor hidden service: http://vabu56j2ep2rwv3b.onion/govpn/

Source code for that version can be found here:
http://www.cypherpunks.ru/govpn/download/govpn-3.0.tar.xz
SHA256: 12579c5c3cccfe73c66b5893335bc70c42d7b13b8e94c7751ec65d421eaff9a5
and corresponding signature is:
http://www.cypherpunks.ru/govpn/download/govpn-3.0.tar.xz.sig
GPG key ID: 0xFFE2F4A1 GoVPN release signing key
Fingerprint: D269 9B73 3C41 2068 D8DA  656E F2F5 9045 FFE2 F4A1

The main improvements for that major release are:

* EKE protocol is replaced by Augmented-EKE and static symmetric (both
  sides have it) pre-shared key is replaced with server-side verifier. This
  requires 64 more bytes in handshake traffic, Ed25519 dependency with
  corresponding sign/verify computations, PBKDF2 dependency and its usage
  on the client side during handshake.

A-EKE with PBKDF2-based verifiers is resistant to dictionary attacks,
can use human memorable passphrases instead of static keys and
server-side verifiers cannot be used for authentication (compromised
server does not leak client's authentication keys/passphrases).

* Changed transport message structure: added payload packet's length.
  This will increase transport overhead by two bytes, but heartbeat
  packets became smaller.

* Ability to hide underlying packets' lengths by appending noise, junk
  data during transmission. Each packet can be filled up to its
  maximal MTU size.

* Ability to hide underlying packets' appearance rate, by generating
  Constant Packet Rate traffic. This includes noise generation too.

* Per-peer -timeout, -noncediff, -noise and -cpr configuration options.

-- 
Happy hacking, Sergey Matveev
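
The following is an added illustration, not part of the original message and not GoVPN's own code. It sketches how a two-byte payload length lets a receiver strip noise from packets filled up to the MTU, as the release notes describe. The field order, big-endian encoding, the names `Pad`/`Unpad`, the empty-payload heartbeat and the MTU value are assumptions of this sketch.

```go
package main

import (
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// lenSize is the two-byte length field the announcement mentions.
const lenSize = 2

// Pad frames payload as [2-byte length | payload | random noise] so every
// frame is exactly mtu bytes. Field order and big-endian encoding are
// assumptions of this sketch, not GoVPN's documented wire format.
func Pad(payload []byte, mtu int) ([]byte, error) {
	if mtu < lenSize || mtu-lenSize > 0xFFFF {
		return nil, errors.New("unsupported MTU")
	}
	if len(payload) > mtu-lenSize {
		return nil, errors.New("payload does not fit into MTU")
	}
	frame := make([]byte, mtu)
	binary.BigEndian.PutUint16(frame, uint16(len(payload)))
	copy(frame[lenSize:], payload)
	// Fill the tail after the payload with random noise.
	if _, err := rand.Read(frame[lenSize+len(payload):]); err != nil {
		return nil, err
	}
	return frame, nil
}

// Unpad returns the payload and discards the noise. It rejects a length
// field that points past the end of the frame. An empty payload stands
// for a heartbeat here (assumption).
func Unpad(frame []byte) ([]byte, error) {
	if len(frame) < lenSize {
		return nil, errors.New("frame too short")
	}
	n := int(binary.BigEndian.Uint16(frame))
	if n > len(frame)-lenSize {
		return nil, errors.New("length field exceeds frame")
	}
	return frame[lenSize : lenSize+n], nil
}

func main() {
	for _, p := range [][]byte{[]byte("ping"), make([]byte, 1000), nil} {
		f, _ := Pad(p, 1452) // constructed MTU value
		got, _ := Unpad(f)
		fmt.Printf("payload=%d frame=%d recovered=%d\n", len(p), len(f), len(got))
	}
}
```

Every frame comes out the same size regardless of payload; the length field only hides sizes from an observer when the whole frame is subsequently encrypted and authenticated.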

