Rosenpass, chirongwa cheVPN chinovimbisa kuramba kurwiswa nemakomputa akawanda

Darkcrizt

4 maminitsi

rosenpass

Rosenpass ichenjedzo yakakosha pane zvichauya:

Munguva pfupi yapfuura the nhau kuti boka iVatsvakurudzi veGermany, vagadziri uye cryptographers vakabudisa shanduro yekutanga yeRosenpass project, iyo inovandudza VPN uye makiyi ekutsinhana masisitimu anopokana ne quantum komputa kurwiswa.

rosenpass inoshandisa WireGuard VPN pasi pehodhi pamwe chete neyakajairwa encryption algorithms uye makiyi iyo inoshandiswa sekutakura uye inoizadzisa nehack-yakachengetedzwa kiyi yekutsinhana maturusi pa quantum makomputa (kureva Rosenpass inowedzera kuchengetedza kiyi yekutsinhana pasina kushandura algorithms ekushanda uye encryption nzira dzeWireGuard).

Rosenpass inogona zvakare kushandiswa zvakasiyana kubva kuWireGuard muchimiro chegeneric kiyi yekutsinhana chishandiso chakakodzera kuchengetedza mamwe maprotocol kubva pakurwiswa kwekombuta.

About Rosenpass

Rosenpass yakanyorwa muRust uye inoshandisa liboqs 1 uye libsodium 2, chishandiso chinomisikidza kiyi ye symmetric uye inopa iyo kuWireGuard. Sezvo iwe uchipa WireGuard kiyi kuburikidza nePSK basa, kushandisa Rosenpass + WireGuard haina kuchengetedzwa zvishoma pane kushandisa WireGuard chete ("hybrid kuchengetedza").

Basa ririkuenderera mberi rekuona zviri pamutemo protocol, cryptographic algorithms uye kuita kuti ipe humbowo hwemasvomhu hwekuvimbika. Panguva ino, uchishandisa ProVerif, kuongororwa kwekufananidzira kweprotocol uye kushandiswa kwayo kwekutanga mumutauro weRust kwakatoitwa.

Protocol Rosenpass yakavakirwa paPQWG post-quantum yakasimbiswa kiyi yekutsinhana michina (Post-quantum WireGuard), yakavakwa uchishandisa iyo McEliece cryptosystem, iyo inopikisa brute force pa quantum computer. Kiyi inogadzirwa neRosenpass inoshandiswa muchimiro cheWireGuard Pre-Shared Key (PSK) symmetric kiyi, kuita imwe nhanho yekudzivirira yeiyo hybrid VPN yekubatanidza.

Rosenpass inopa maviri UDP ports; kana port N yakatsanangurwa yerosenpass, ichapa port N+1 yeWireGuard.

Kufanana neWireGuard, Rosenpass haimanikidze chero kupatsanurwa pakati pevatengi nemaseva. Kana iwe ukasatsanangudza iyo yekuteerera, Rosenpass uye WireGuard ichasarudza isina kurongeka ports; iyi ndiyo client mode. Kana iwe ukasatsanangura magumo, Rosenpass haizoyedze kubatana nevezera uye panzvimbo pacho inomirira kubatana kwevezera. Iyi ndiyo server mode. Unogona kutsanangura zvese. Kusvetuka zvese hazvirambidzwe asi hazvina kunyanya kubatsira.

Rosenpass inopa yakaparadzana kumashure maitiro iyo inoshandiswa kugadzira yakafanotsanangurwa WireGuard kiyi uye yakachengeteka kiyi yekutsinhana panguva yekubata maoko maitiro uchishandisa post-quantum cryptographic maitiro.

SaWireGuard, makiyi esymmetric muRosenpass anogadziridzwa maminetsi maviri ese. Kuchengetedza kubatana, makiyi akagovaniswa anoshandiswa (kurutivi rumwe norumwe, makiyi eruzhinji neakavanzika anogadzirwa, mushure meizvozvo vatori vechikamu vanoendesa makiyi eruzhinji kune mumwe nemumwe).

Sese nechero application, pane kangozi kadiki kematambudziko chengetedzo vatsoropodzi (senge buffer mafashama, kure kure kodhi kuuraya); iyo Rosenpass app yakanyorwa muRust programming mutauro, iyo isinganyanyi kutarisana nemhando idzi dzematambudziko. Rosenpass inogona zvakare kunyora makiyi kumafaira pane kuvapa kuWireGuard. Iine zvishoma zvekunyora, deployment-yakazvimirira modhi inogona kushandiswa kumhanyisa application yako muContainer, VM, kana imwe host. Iyi modhi inogona zvakare kushandiswa kubatanidza maturusi kunze kweWireGuard neRosenpass.

Zvakakodzera kutaura kuti Rosenpass ine zvimwe zvipingamupinyi; inomhanya semudzi, iyo inoda kuwana iyo WireGuard uye Rosenpass yakavanzika makiyi, inotora kutonga kweiyo interface, uye inoshanda neicho chaiyo interface. Kana iwe usina chokwadi chekumhanyisa Rosenpass semudzi, iwe unofanirwa kushandisa yakamira modhi kugadzira yakachengeteka setup uchishandisa midziyo, majeri, kana chaiwo michina.

Iyo kodhi yekushandisa yakanyorwa muRust uye yakagoverwa pasi peMIT neApache 2.0 marezinesi. Iyo cryptographic algorithms uye primitives inokweretwa kubva kuC maraibhurari liboqs uye libsodium.

Iyo yakadhindwa codebase inomisikidzwa sereferensi yekushandisa: zvichibva pane zvakapihwa, mamwe maturusi sarudzo anogona kugadzirwa uchishandisa mimwe mitauro yekuronga.

Chekupedzisira, kana iwe uchifarira kuziva zvakawanda nezvazvo, unogona kutarisa ruzivo Mune inotevera chinongedzo.


Siya yako yekutaura

Your kero e havazobvumirwi ichibudiswa. Raida minda anozivikanwa ne *

*

*

  1. Inotarisira data: AB Internet Networks 2008 SL
  2. Chinangwa cheiyo data: Kudzora SPAM, manejimendi manejimendi.
  3. Legitimation: Kubvuma kwako
  4. Kutaurirana kwedata
  5. Dhata yekuchengetedza: Dhatabhesi inobatwa neOccentus Networks (EU)
  6. Kodzero: Panguva ipi neipi iwe unogona kudzora, kupora uye kudzima ruzivo rwako