On Sun, 2013-08-04 at 11:20 +0100, Nick Thomas wrote:
It may be misguided, but avoiding I^2 / M:N sessions was a goal. As numbers go, it's big enough to be uncomfortable (there's ~40K ASNs).
Quick update - the code is now in a state where it can tunnel arbitrary IPv4 datagrams, and does path MTU discovery / fragmentation as suggested by RFC6830. Traceroute doesn't work yet, though. IPv6 is TODO; it should be trivial to add support for IPv6 EIDs. IPv6 RLOCs are a tiny bit harder. Crypto is - very slowly - starting to look sane: - 160-bit EC private keys per RLOC - public keys -> registry (for now) - ECDH for shared secret generation for any RLOC pair - SHA256 the secret, use as secret key for symmetric cipher - Fragment packet into packets, if needed - Each packet gets 128-bit pseudo-random IV ( RAND_pseudo_bytes() ) - aes256gcm block cipher on first 512 bytes of each packet - On the wire: [ IP header, proto 99 ] [ len(iv+ciphertext+tag) ] [ iv ] [ ciphertext ] [ tag ] [ plaintext ] Obviously, the current code doesn't scale at all well, but this is in-principle parallelisable, and amenable to hardware cypto use as well. Unloaded, it adds <1ms to rtt. I'm hoping to be able to get it running at ~100Mbit/sec sometime in the next week or two. If I can get it to gigabit rates, I can start talking to small ISPs about running it, opt-in, with a straight face. If you fancy experimenting with a hide-eid node, just poke me with a public key and a range + RLOC IP (or set up your own pair, of course). I'd quite like to see it spanning large sections of the real Internet successfully. I'd also love to know if you can get it to break any IP protocols; I've only really been playing with TCP and ICMP so far. More broadly, I've still not been dissuaded against the notion that it plugs a gap in the current range of tools against widespread, generalised internet surveillance. The value of being a member of even a small anonymity set can't be understated, especially when getting into the set is more-or-less zero effort and zero cost. If anyone can convince me otherwise, well, at least I'd get my evenings (and mornings) back :) /Nick