commit d9893bf282d42ba97e55df428d840f24c45f6e30
parent f338d9e8d60464d758a5bd94f1b24a97ae12f96b
Author: Martin Schanzenbach <schanzen@gnunet.org>
Date: Fri, 6 Oct 2023 21:44:59 +0200
rework cadet
Diffstat:
2 files changed, 4 insertions(+), 44 deletions(-)
diff --git a/developers/cadet/cadet.rst b/developers/cadet/cadet.rst
@@ -1,53 +1,12 @@
-.. _CADET-Subsystem:
+.. _CADET-Subsystem-Dev:
.. index::
double: CADET; subsystem
-CADET — Confidential Ad-hoc Decentralized End-to-end Transport
-==============================================================
+CADET
+=====
-The CADET subsystem in GNUnet is responsible for secure end-to-end
-communications between nodes in the GNUnet overlay network. CADET builds
-on the CORE subsystem, which provides for the link-layer communication,
-by adding routing, forwarding, and additional security to the
-connections. CADET offers the same cryptographic services as CORE, but
-on an end-to-end level. This is done so peers retransmitting traffic on
-behalf of other peers cannot access the payload data.
-
-- CADET provides confidentiality with so-called perfect forward
- secrecy; we use ECDHE powered by Curve25519 for the key exchange and
- then use symmetric encryption, encrypting with both AES-256 and
- Twofish
-
-- authentication is achieved by signing the ephemeral keys using
- Ed25519, a deterministic variant of ECDSA
-
-- integrity protection (using SHA-512 to do encrypt-then-MAC, although
- only 256 bits are sent to reduce overhead)
-
-- replay protection (using nonces, timestamps, challenge-response,
- message counters and ephemeral keys)
-
-- liveness (keep-alive messages, timeout)
-
-Additional to the CORE-like security benefits, CADET offers other
-properties that make it a more universal service than CORE.
-
-- CADET can establish channels to arbitrary peers in GNUnet. If a peer
- is not immediately reachable, CADET will find a path through the
- network and ask other peers to retransmit the traffic on its behalf.
-
-- CADET offers (optional) reliability mechanisms. In a reliable channel
- traffic is guaranteed to arrive complete, unchanged and in-order.
-
-- CADET takes care of flow and congestion control mechanisms, not
- allowing the sender to send more traffic than the receiver or the
- network are able to process.
-
-:index:`libgnunetcadet <single: libgnunet; cadet>`
-libgnunetcadet
---------------
The CADET API (defined in ``gnunet_cadet_service.h``) is the messaging
API used by P2P applications built using GNUnet. It provides
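Review bot: The label rename at the top of this hunk, from `CADET-Subsystem` to `CADET-Subsystem-Dev`, leaves nothing in this two-file commit that defines the old label, so any existing `:ref:` to `CADET-Subsystem` elsewhere in the docs will fail to resolve. Either define the old label in the user-facing CADET page or update the references in this commit. The same hunk removes the `libgnunetcadet` heading and its `:index:` entry, so the API paragraph that follows now sits directly under the `CADET` title and the library loses its index entry; consider keeping the `:index:` line. The deleted overview is the only place in this file that states the end-to-end security properties (ECDHE on Curve25519, signed ephemeral keys, encrypt-then-MAC, replay protection). If it is being moved to the user handbook, say so in the commit message, and while moving it correct "Ed25519, a deterministic variant of ECDSA", since Ed25519 is an EdDSA scheme.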
diff --git a/users/index.rst b/users/index.rst
@@ -25,5 +25,6 @@ welcome.
fs
vpn
messenger
+ cadet
configuration
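Review bot: The added `cadet` toctree entry needs a `users/cadet` document to resolve, and the diffstat lists only `developers/cadet/cadet.rst` and `users/index.rst`, neither of which creates it. If that page is not already in the tree, Sphinx will warn about a toctree reference to a nonexistent document and the entry will be dropped from the rendered index. Add the file in this commit, or note in the commit message which earlier commit introduced it.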