The Fenrir Project

Transport, encryption, authentication protocol

This project is maintained by Luca Fulchir

RSS feed

Fenrir's Blog

Welcome to the blog tracking the Fenrir project

This blog will be used to track and -why not- discuss all the choices, design features and advancements of the project, so you might find both technical posts and random thoughts.

Currently working on:

From Section Description
2018-08+ RaptorQ/Tyr testing & work for demo
2018-03+ RaptorQ/Tyr tunnels and more tunnels
2018-02 RaptorQ RFC Compliance
2018-01 Services connect the authentication to the services

Tyr

Tyr tunnel error correction

Following the earlier post I will now explain a bit this new small project of mine, Tyr, which should be completed fairly soon (at least in its first version)

Tyr is basically a transparent, opportunistic error-correcting tunnel.

… (Read More)

Update: RaptorQ

RaptorQ error correction

Since this blog is less used than I would like to, I have decided to start writing about the other projects I am working on, all somehow connected to the Fenrir Project.

So I will start writing about libRaptorQ and Tyr (not public yet).
Both these projects are related to error correction, and while libRaptorQ will be used in Fenrir, but I will talk about Tyr in a second post.

… (Read More)

Refuting the need for cleartext

QUIC middleboxes encryption

Today QUIC made it to the HackerNews headline, and in the comments I found links to “The hidden cost of QUIC and TOU

The short version is that protocols that encrypt everything make debugging more difficult, and middleboxes can’t do their job anymore.

Let’s look into the details of these claims

… (Read More)

Reserved Handshakes

Handshakes Fenrir stateless

While re-implementing the full-security handshake in the rewrite of libFenrir, I came across the old problem of stateful vs stateless handshakes, and what it means for (D)DOS attacks.

After thinking about it for a while, let me introduce you to a slight modification of the full-security handshake to have the best world of bot stateful and stateless handshakes.

We will go through various design, and quickly analyze various solutions from TCP to minimaLT.

… (Read More)

Who watches the watcher?

Fenrir proverif proof

Formal proofs are nice. Programs like proverif are even nicer, because they do the work for you.

It means that we have a way to check for the correctness of our model, independently from our implementation.

…But what happens when there is a mistake in the formal proof?
And how do we fix it?

… (Read More)

Status Update

Update Fenrir

What is happening? Has the project stalled?
Not really, I’m just working behind the scenes.

Since you might also like some kind of report, I added a section “currently working on” on the blog page.

… (Read More)

Paper rejected

Update Fenrir paper ITA-SEC

I submitted a paper highlighting Fenrir to a security conference ITA-SEC.
The paper was rejected. Let’s see why and what it meas for the Fenrir project.

TLDR: no big deal, keep working.

… (Read More)

Status Update

Update libRaptorQ

A lot of time passed, what happened?

I have not been slacking, but I have not been working much on Fenrir lately.
That’s because a lot of work has been done in libRaptorQ, that Fenrir will use.

… (Read More)

Signal vs Federation

Federation

Recently the guys at Signal have published a blog post about their ideas on federation.

Our ideas differ, so let’s analyze the problem.

… (Read More)

Multicast

Multicast

I finally had some time to better think about multicast transmission and better analyze the problem. And I think I have a solution.

… (Read More)