The Fenrir Project

Transport, encryption, authentication protocol

This project is maintained by Luca Fulchir

RSS feed

Fenrir's Blog

Welcome to the blog tracking the Fenrir project

This blog will be used to track and -why not- discuss all the choices, design features and advancements of the project, so you might find both technical posts and random thoughts.

Currently working on:

From Section Description
2021-01+ D4 New Object storage
2020-12 Studying Rust & nix New base for server and future projects
2018-10 - 2020-11 Nothing :( too much work, no time for opensource

Signal vs Federation


Recently the guys at Signal have published a blog post about their ideas on federation.

Our ideas differ, so let’s analyze the problem.

… (Read More)



I finally had some time to better think about multicast transmission and better analyze the problem. And I think I have a solution.

… (Read More)



I finally finished my master thesis, and the result can be found here.

Feel free to look at it to better understand the Fenrir protocol.

… (Read More)

Got Speed?

bandwidth delay RTT speed satellite

Every protocol has a limit on how quickly it can deliver things.

So how does Fenrir compare to the classical TCP?

… (Read More)

Anonymous Login

federation authentication anonymity

Obviously we support anonymous connection. But that’s not the same as an anonymous login.

By “Anonymous login” we mean being able to login to a 3rd party website without revealing our username.

With Fenrir, that’s pretty simple.

… (Read More)



It took me a lot more than expected, but finally I have a working implementation of the RaptorQ algorithm (RFC630)

… (Read More)

Slow Development

progress_report RaptorQ

Things have been slow in the last two months.

What’s going on? A lot.

… (Read More)


DNSSEC DNS handshake

What happens before the handshake? How do we get the information needed to have a secure connection with the right server?

Fenrir does not use the common CA authorities, so where do we get the trust in this system?

… (Read More)

Federated Authentication

federation authentication authorization lattice

Today we are going to have an in-depth look at the algorithm behind the federation and how the tokens, the lattices are used.

The algorithm per-se is extremely easy, so we will look at what information we use and how. There’s no cryptography involved here :)

… (Read More)


federation Kerberos OAuth authorization lattice

Everybody is familiar with the usual client-server architecture, and you might have figured out the “authentication server”-“service”-“client” model in Kerberos and OAuth.

Fenrir further splits the roles, simplifying the work each application has to do and increasing the overall security.

… (Read More)