Comments (9)
- https://github.com/RustCrypto - Rust implemented encryption libraries
- netcode.io spec for encryption - they use libsodium for encryption.
- I swear I found some pure Rust libsodium implementations, but now I can't find them again. - found it: https://crates.io/crates/crypto_box, and there are good bindings for libsodium.
- DTLS discussion - #30
from quilkin.
I think we should seriously look at implementing CurveCP in Rust and using it for our needs. The spec is detailed at http://curvecp.org/ and we should at least go over it and see if it's viable for us.
from quilkin.
There is a PoC implementation of CurveCP here: https://github.com/sovrin-foundation/rust-curvecp-poc
from quilkin.
I didn't realise it, but QUIC has an unreliable packet extension, which is implemented by Quinn.
And Quinn is built on Tokio, so same async stack.
from quilkin.
Reviewing https://github.com/ValveSoftware/GameNetworkingSockets
> Encryption. AES-GCM-256 per packet, Curve25519 for key exchange and cert signatures. The details for shared key derivation and per-packet IV are based on the design used by Google's QUIC protocol.
from quilkin.
How easy is it to port libsodium around? (It is used in netcode.io so I'm figuring it's pretty good?)
Getting a lot of internal feedback that "to be secure, the libraries have to reach for at least C to have appropriate functionality" - so rustls is fine, bindings to libsodium, bindings to BoringSSL for example would be ideal.
from quilkin.
Getting lots of push from security folks I pinged to use BoringSSL or a variant - so https://github.com/google/mundane might be a good fit, or https://github.com/briansmith/ring directly.
(Just throwing this all down so I don't forget it)
from quilkin.
How is this issue different from #30? Seems to me that DTLS is UDP encryption.
from quilkin.
> How is this issue different from #30? Seems to me that DTLS is UDP encryption.

Given that there's really no standard for UDP encryption for games -- I think it makes sense to track separately. There are probably several encryption possibilities we could discuss and examine for UDP security (I expect once we release there will be many opinions on this) - one of which being DTLS.
from quilkin.