The Fenrir Project

Transport, encryption, authentication protocol

This project is maintained by Luca Fulchir

RSS feed

Fenrir's Blog

Welcome to the blog tracking the Fenrir project

This blog will be used to track and -why not- discuss all the choices, design features and advancements of the project, so you might find both technical posts and random thoughts.

Currently working on:

From Section Description
2018-01-26 Services connect the authentication to the services
2018-01-15 Authentication uid/gid management

Refuting the need for cleartext

QUIC middleboxes encryption

Today QUIC made it to the HackerNews headline, and in the comments I found links to “The hidden cost of QUIC and TOU

The short version is that protocols that encrypt everything make debugging more difficult, and middleboxes can’t do their job anymore.

Let’s look into the details of these claims

… (Read More)

Reserved Handshakes

Handshakes Fenrir stateless

While re-implementing the full-security handshake in the rewrite of libFenrir, I came across the old problem of stateful vs stateless handshakes, and what it means for (D)DOS attacks.

After thinking about it for a while, let me introduce you to a slight modification of the full-security handshake to have the best world of bot stateful and stateless handshakes.

We will go through various design, and quickly analyze various solutions from TCP to minimaLT.

… (Read More)

Who watches the watcher?

Fenrir proverif proof

Formal proofs are nice. Programs like proverif are even nicer, because they do the work for you.

It means that we have a way to check for the correctness of our model, independently from our implementation.

…But what happens when there is a mistake in the formal proof?
And how do we fix it?

… (Read More)

Status Update

Update Fenrir

What is happening? Has the project stalled?
Not really, I’m just working behind the scenes.

Since you might also like some kind of report, I added a section “currently working on” on the blog page.

… (Read More)

Paper rejected

Update Fenrir paper ITA-SEC

I submitted a paper highlighting Fenrir to a security conference ITA-SEC.
The paper was rejected. Let’s see why and what it meas for the Fenrir project.

TLDR: no big deal, keep working.

… (Read More)

Status Update

Update libRaptorQ

A lot of time passed, what happened?

I have not been slacking, but I have not been working much on Fenrir lately.
That’s because a lot of work has been done in libRaptorQ, that Fenrir will use.

… (Read More)

Signal vs Federation


Recently the guys at Signal have published a blog post about their ideas on federation.

Our ideas differ, so let’s analyze the problem.

… (Read More)



I finally had some time to better think about multicast transmission and better analyze the problem. And I think I have a solution.

… (Read More)



I finally finished my master thesis, and the result can be found here.

Feel free to look at it to better understand the Fenrir protocol.

… (Read More)

Got Speed?

bandwidth delay RTT speed satellite

Every protocol has a limit on how quickly it can deliver things.

So how does Fenrir compare to the classical TCP?

… (Read More)