Commit Graph

78 Commits

Author SHA1 Message Date
Frank Denis 25ac94e7b2 Revert "Add Stretch-Hash-and-Truncate option for extreme DNS privacy"
This reverts commit 2d1dd7eaab.
2019-04-02 01:57:48 +02:00
Frank Denis 2d1dd7eaab Add Stretch-Hash-and-Truncate option for extreme DNS privacy
This works over DNSCrypt and DoH, but requires a specifically configured
server.

Instead of sending the actual DNS queries, the SH-T system works as follows:

Step 1: the client query is evaluated through Argon2id, a military-grade,
memory-hard, CPU-hard stretching function. This makes it very expensive
for an attacker to find the original query, even using GPUs and ASICs.
For post-quantum resistance, we use it to generate a 1024-bit key.

Step 2: in case the Argon2id algorithm has a vulnerability, or, since this
is a popular function used for hashing passwords and for cryptocurrencices,
and people may have built rainbow tables already, we use a hash function over
the result of the previous function. This immediately defeats rainbow tables.

Step 3: the output of the hash function is truncated to 64-bit.
Due to a property of this operation known as collision-misresistance, and even
if the previous steps fail due to a nation-state actor, it is impossible for a
server operator to prove what exact query was originally sent by a client.

This feature is experimental.
2019-04-01 09:36:56 +02:00
Frank Denis 674bd30d45 Update dependencies 2019-04-01 08:21:17 +02:00
Frank Denis c16016b112 Update deps 2019-03-14 02:17:58 +01:00
Frank Denis b624f8ef58 Accept sdns: scheme without a namespace 2019-03-03 18:20:39 +01:00
Frank Denis c3e29c2a60 Switch to Go modules 2019-03-01 18:44:37 +01:00
Frank Denis d0ca608cb7 Update deps 2019-02-23 13:44:05 +01:00
Frank Denis 31d6b0b879 Update deps 2018-11-22 17:26:43 +01:00
Frank Denis 9c17f476f3 Update deps 2018-11-15 13:38:08 +01:00
Frank Denis 8be1fef464 Update deps for BSD 2018-10-03 18:36:19 +02:00
Frank Denis 76fdb51c38 Update deps for Go 1.11 2018-10-02 18:06:43 +02:00
Frank Denis 40f2dc6a7d Apply kardianos/service PR #144 2018-08-23 00:25:56 +02:00
Frank Denis e3d5f3e6e5 Update deps 2018-08-23 00:23:59 +02:00
Frank Denis 7740e9d3bc Update dep and deps 2018-08-10 01:39:33 +02:00
Frank Denis 35e4d36f67 Add sys/unix for pledge 2018-07-07 20:39:04 +02:00
Frank Denis 648c0df016 Update deps 2018-07-07 20:35:02 +02:00
Frank Denis 4a3be6086e Update deps 2018-07-05 15:44:04 +02:00
Frank Denis 02888adff3 Deps update 2018-06-26 15:40:08 +02:00
Frank Denis 7f8b8d043e Remove old daemonization code
We will be able do it using fork+exec
2018-06-13 17:31:47 +02:00
Frank Denis 8d99e95288 Update deps 2018-06-13 16:52:04 +02:00
Frank Denis 5b1fc8da2a Update deps 2018-06-06 16:10:10 +02:00
Frank Denis cdfe7ba673 Deps update 2018-05-31 19:08:31 +02:00
Frank Denis b9764f8248 Add minisign/.travis 2018-05-19 10:44:10 +02:00
Frank Denis eff3272b9f Update deps 2018-05-19 01:50:26 +02:00
Frank Denis f44d9f658b Revert "Update deps"
This reverts commit 49e5c87f8d.
2018-05-16 11:53:20 +02:00
Frank Denis 49e5c87f8d Update deps 2018-05-16 11:39:59 +02:00
Frank Denis 113a952b94 Add missing travis file 2018-05-10 12:03:26 +02:00
Frank Denis 2b070c6e93 Deps update 2018-05-10 12:03:06 +02:00
Frank Denis 4f4daf41b7 Massive dependencies update 2018-05-10 09:56:25 +02:00
Frank Denis e6ccf7f3c0 No cookie for @aead :) 2018-05-04 00:36:20 +02:00
Frank Denis 8d20cd7550 Update deps 2018-05-03 23:36:57 +02:00
Frank Denis 3104dcbd70 Go 1.10.2 2018-05-02 13:25:59 +02:00
Frank Denis 084bfe67fd Hopefully remove the remaining %ecx clobbering cases in chacha_386 2018-05-01 11:50:01 +02:00
Frank Denis 17dc8f2dca Update deps 2018-04-27 01:10:35 +02:00
Frank Denis 031c9c45d5 Update aead/chacha20 again 2018-04-26 23:51:36 +02:00
Frank Denis a3f51cfea9 Update aead/chacha20 2018-04-26 20:41:35 +02:00
Frank Denis e8b183e576 Deps update 2018-04-25 20:23:31 +02:00
Frank Denis f20da6b611 Remove support for legacy CSV files 2018-04-18 19:06:50 +02:00
Frank Denis 3d67c81697 Deps update 2018-04-18 18:58:39 +02:00
Frank Denis 7685c12c0f Update aead/poly1305 2018-04-16 02:19:29 +02:00
Frank Denis 1a4d34dc55 Add golang.org/x/net/http2 to the dependencies 2018-04-09 11:56:49 +02:00
Frank Denis a4366b0593 Update deps 2018-04-07 17:14:53 +02:00
Frank Denis b71e04c64e Update miekg/dns to v1.0.5 2018-04-02 00:10:55 +02:00
Frank Denis 3e4b7671d1 Patch service_upstart 2018-03-26 20:46:51 +02:00
Frank Denis 10f0503d50 Update deps; especially for chacha20 2018-03-26 20:46:25 +02:00
Frank Denis ebc3ddda38 Deps update 2018-03-18 09:09:29 -07:00
Frank Denis 3d50549cae bring back exec and strings 2018-03-07 20:21:58 +01:00
Frank Denis a6ae97ecb1 Lower default granularity 2018-03-07 19:00:09 +01:00
Frank Denis ff81344aa8 Update clocksmith 2018-03-07 18:51:55 +01:00
Frank Denis 817f2ff560 Don't pause the cert refresh timers if the host goes to hibernation 2018-03-07 18:29:58 +01:00