commit c9226e81ae603125f90802f866cf39350367a4a9
parent 096cef58f2ea23096d6fa3b637951da59b93804b
Author: Martin Schanzenbach <schanzen@gnunet.org>
Date: Mon, 8 Jun 2026 18:58:41 +0200
more updates
Diffstat:
1 file changed, 6 insertions(+), 7 deletions(-)
diff --git a/about.rst b/about.rst
@@ -284,15 +284,15 @@ GNUnet attemtps to satisfy the following security goals in the face of those adv
From the lowest layer to the applications layer, the securty goals and associated subsystems are:
1. Base layer (Communicators/TRANSPORT): This layer optionally provides steganographic and ad-hoc security guarantees against external adversaries that largely depend on the communicator(s) used. For example, use of the HTTP3/QUIC communicator will use TLS and try to validate a certificate signed by the peer we want to connect to. Other communicators may not provide the same properties.
- - QUIC Communicator: TLS (EdDSA/X25519)
- - TCP Communicator: Diffie-Hellman KX (Ed25519-to-X25519-DH)
+ - QUIC Communicator: Appears to be a regular TLS connection (EdDSA/X25519).
+ - TCP Communicator: Uses Diffie-Hellman with Elligator to appear as random noise (`LSD 0011 <https://lsd.gnunet.org/lsd0011/>`_).
2. Peer connectivity and routing layer (CORE, R5N): This layer provides a secure channel between two (physically) connected peers. Peers are mutually authenticated and a secure cryptographic channel is established, but there is no particular trust required between the communication partners. It does not assume any security guarantees from the previous layer. It provides confidential communication in the face of an external adversary. The R5N uses this layer to establish an overlay network (DHT).
- CORE: DTLS-style KEMTLS called CAKE with EdDSA and X25519. Specification: `LSD 0012 <https://lsd.gnunet.org/lsd0012/>`_
- - R5N: EdDSA signatures: `LSD 0004 <https://lsd.gnunet.org/lsd0004/>`_
-3. Peer connectivity layer (CADET): This layer provides an end-to-end secure secure cryptographic channel between two peers. It is assumed that this channel is established between to peers that share a strong trust relationship. It uses advanced cryptographic mechanisms to provide Perfect Forward Secrecy and Post-Compromise Security as well as the option to support out-of-order messages and participation repudiation (deniability).
- - CADET: Axolotl 3DH with EdDSA Peer Identities.
+ - R5N: EdDSA signatures for route recording: `LSD 0004 <https://lsd.gnunet.org/lsd0004/>`_
+3. Peer connectivity layer (CADET): This layer provides an end-to-end secure secure cryptographic channel between two peers. It is assumed that this channel is established between to peers that share a strong trust relationship.
+ - CADET: Axolotl 3DH with EdDSA Peer Identities to provide perfect forward secrecy, post-compromise security, secure out-of-order delivery and participant repudication (deniability).
4. Application layer: Each :ref:`subsystem <subsystems>` of GNUnet incorporates its own security mechanism taking the existing baseline of the GNUnet network as well as the adversary model into account. See the respective section in the User handbook.
- - GNS: EDDSA+AES-CTR (PKEY zones) or EdDSA+XSalsa20-Poly1305 (EDKEY zones) with key blinding. Specification: `LSD 0001 <https://lsd.gnunet.org/lsd0012/>`_
+ - GNS: Resource records are signed using EDDSA (or EdDSA) for data origin authentication and encrypted using AES-CTR (or EdDSA+XSalsa20-Poly1305) to achieve data confidentiality against certain adversaries. Public keys are blinded to prevent censorship. Specification: `LSD 0001 <https://lsd.gnunet.org/lsd0012/>`_
Cryptography
@@ -309,7 +309,6 @@ The primary asymmetric primitives in use are EdDSA and X25519.
Currently, no clear path to post-quantum primitives has been laid out.
This is mostly due to open research questions in the areas of key blinding and blind signatures.
-
Egos
~~~~
