Datadiode
parent
dd2c88d395
commit
d6417d5028
34
datadiode-driver.md
Normal file
@ -0,0 +1,34 @@
# datadiode netzwork driver
## loose thoughts
- based on ethernet or lwl
- primarily to exchange data between virtualized hosts
- implements a driver which
1. trust on unbound channel
2. established a secure data transfer
3. PSK as param, maximum receive size
4. basically unicast , optionally simplex data + simplex status code(compile time)
5. bpf based state machine firewall + logging
6. inotify interrupt
7. optional: steganographically resilient for timing attacks
- implements userland interface
1. authenticate remote communication point
2. transfer file, not files
3. transfer text
- use well known security concepts
- ECC based asymmetric encryption + symmetric transfers
- maybe hardware token based signing
- technology combining of
- wireguard -> the light driver + encryption
- syncthing -> UI handling of sharing files
- warpinator -> idea of sharing files
- snapdrop/Airdrop
- age encryption
- benefits
- one piece of software for one specific job
- implementing a specific feature by design not by enforcing outer boundaries
- json based transfer format
- version
- type of content [0:text, 1:file]
- size of content [int64]
- encrypted content [2^48]
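
Review bot: The transfer-format list at the end of the file leaves the header fields underspecified for a receiver that has to enforce limits: `size of content [int64]` permits values far above the `encrypted content [2^48]` bound, and the notes do not say whether size counts plaintext or ciphertext, or how it relates to the `maximum receive size` parameter in driver item 3. Suggest stating that the receiver rejects a message whose size is negative, above the 2^48 bound, or above the configured maximum before it reads the content, and that version, type and size are covered by the same authentication as the encrypted content so they cannot be altered in transit. Because JSON has no binary type, the format should also name the encoding used for the encrypted content and say whether the bound applies before or after that encoding. Two smaller points: the title reads `netzwork`, and driver item 4 should spell out what the optional simplex status code may carry, since a return path is the part of a data diode design that most needs a fixed, minimal definition.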