Next: , Previous: , Up: Top  

Developer manual

Pay attention how to get development source code.

Data encryption


Message authentication


Nonce and identity obfuscation


Password authenticated key agreement

DH-A-EKE powered by Curve25519 and Ed25519.

DH elliptic-curve point encoding for public keys


Verifier password hashing algorithm

Balloon hashing based on BLAKE2b-256.

Encryptionless confidentiality preserving encoding

Chaffing-and-Winnowing (two Poly1305 MACs for each bit of message) over 128 bits of All-Or-Nothing-Transformed (based on OAEP using ChaCha20 with BLAKE2b-256 based SAEP+ checksums) data with 128-bits of feeded random.

Packet overhead

25 bytes per packet. Plus 4128 bytes and noise in encryptionless mode.

Handshake overhead

4 UDP (2 from client, 2 from server) packets (round-trips for TCP). 264 bytes total payload, 20680 in encryptionless mode.

Entropy required

832 bits in average on client, 832 bits in average on server side per handshake. 128 bits for each outgoing packet in encryptionless mode.