Обзор защищённых транспортных протоколов (2022-07-13 11:29:24+03:00)

[О блоге] [наверх] [пред] [2022-07-13 11:29:24+03:00] [f8acecaedb8a335e141500ebefed8aa8d4b2d25f]

Темы: [crypto]

Обзор защищённых транспортных протоколов

https://datatracker.ietf.org/doc/html/rfc8922
Есть вот целый RFC, где упоминаются и DJB-шный CurveCP с MinimaLT
(6e30e1c9e0cf17d773f9238d0d164175c28924fc) и WireGuard.

Summary of Interfaces Exposed by Protocols:
+===========+===+====+=====+==+==+======+==+=====+==+==+======+==+==+
| Protocol  |IPK|ALG | EXT |CM|AD| PSKI |IV| SAV |CT|KU| SSKE |KE|ME|
+===========+===+====+=====+==+==+======+==+=====+==+==+======+==+==+
| TLS       | x | x  |  x  |x |  |  x   |x |     |x |x |  x   |  |  |
+-----------+---+----+-----+--+--+------+--+-----+--+--+------+--+--+
| DTLS      | x | x  |  x  |x |  |  x   |x |  x  |x |x |  x   |  |x |
+-----------+---+----+-----+--+--+------+--+-----+--+--+------+--+--+
| ZRTP      | x | x  |     |x |  |  x   |x |     |x |  |      |  |  |
+-----------+---+----+-----+--+--+------+--+-----+--+--+------+--+--+
| QUIC      | x | x  |  x  |x |  |  x   |x |  x  |x |x |      |  |x |
+-----------+---+----+-----+--+--+------+--+-----+--+--+------+--+--+
| tcpcrypt  |   | x  |     |x |x |  x   |  |     |x |x |  x   |  |  |
+-----------+---+----+-----+--+--+------+--+-----+--+--+------+--+--+
| MinimaLT  | x | x  |     |x |  |  x   |x |     |x |x |  x   |  |x |
+-----------+---+----+-----+--+--+------+--+-----+--+--+------+--+--+
| CurveCP   | x |    |     |  |  |      |x |     |  |  |      |  |x |
+-----------+---+----+-----+--+--+------+--+-----+--+--+------+--+--+
| IPsec     | x | x  |     |  |x |  x   |x |  x  |x |x |  x   |x |x |
+-----------+---+----+-----+--+--+------+--+-----+--+--+------+--+--+
| WireGuard | x |    |     |  |  |  x   |x |  x  |  |  |      |  |x |
+-----------+---+----+-----+--+--+------+--+-----+--+--+------+--+--+
| OpenVPN   | x | x  |     |  |  |  x   |x |     |x |  |  x   |  |  |
+-----------+---+----+-----+--+--+------+--+-----+--+--+------+--+--+

IPK  : Identities and Private Keys
ALG  : Supported Algorithms (Key Exchange, Signatures, and Ciphersuites)
EXT  : Extensions
CM   : Session Cache Management
AD   : Authentication Delegation
PSKI : Pre-Shared Key Import
IV   : Identity Validation
SAV  : Source Address Validation
CT   : Connection Termination
KU   : Key Update
SSKE : Shared Secret Key Export
KE   : Key Expiration
ME   : Mobility Events

[оставить комментарий]