robojones / endguard Goto Github PK
View Code? Open in Web Editor NEWSpecification for Endguard, a reasonably secure end-to-end encryption scheme
License: MIT License
Specification for Endguard, a reasonably secure end-to-end encryption scheme
License: MIT License
When the first message in the handshake is called ConnectionOffer, then it would be only logical if the response to it was called ConnectionAccept (= accepting the offer).
It should be documented how Endguard handles different threat models. For this, all security games and threat models which are considered during the design should be documented.
Every message should be MACed twice, using different MAC algorithms, to guarantee connection integrity. This is important in case the MAC of an authenticated encryption algorithm breaks. The additional MAC then ensures integrity of the existing connections until they are switched to another block (or stream) cipher algorithm. Integrity is essential for Endguard because setting up a new connection requires the exchange of information over a secondary medium (e.g. a QR code).
Endguard should support an alternative to the AES256-GCM block-cipher algorithm, in case there ever is a viable attack on AES or the GCM MAC.
The second algorithm should be ChaCha20-Poly1305 as it is included in secure and included in the TLS standard. Also, it is fundamentally different from AES-GCM which means that anyone ever breaks AES or the GCM mode, then ChaCha20-Poly1305 security is still intact.
There should be exact specifications describing the handshake, encryption and decryption (including pseudo-code examples)
It should be documented, what functionality must be exposed as API by every Endguard implementation.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.