Datadiode
parent
dd2c88d395
commit
d6417d5028
34
datadiode-driver.md
Normal file
@ -0,0 +1,34 @@
# datadiode netzwork driver
## loose thoughts
- based on ethernet or lwl
- primarily to exchange data between virtualized hosts
- implements a driver which
1. trust on unbound channel
2. established a secure data transfer
3. PSK as param, maximum receive size
4. basically unicast , optionally simplex data + simplex status code(compile time)
5. bpf based state machine firewall + logging
6. inotify interrupt
7. optional: steganographically resilient for timing attacks
- implements userland interface
1. authenticate remote communication point
2. transfer file, not files
3. transfer text
- use well known security concepts
- ECC based asymmetric encryption + symmetric transfers
- maybe hardware token based signing
- technology combining of
- wireguard -> the light driver + encryption
- syncthing -> UI handling of sharing files
- warpinator -> idea of sharing files
- snapdrop/Airdrop
- age encryption
- benefits
- one piece of software for one specific job
- implementing a specific feature by design not by enforcing outer boundaries
- json based transfer format
- version
- type of content [0:text, 1:file]
- size of content [int64]
- encrypted content [2^48]
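Review bot: the transfer format at the end of the file gives three limits that are never reconciled: "size of content [int64]", "encrypted content [2^48]", and the "maximum receive size" parameter in driver item 3. State which one the receiver enforces and that it is checked before anything is buffered or decrypted, and either make the size field unsigned or say that negative values are rejected. The same block should say how the encrypted content is carried inside JSON, since JSON has no binary type and the encoding changes the effective size limit. Driver item 3 ("PSK as param") and the later "ECC based asymmetric encryption" bullet both describe keying without saying which one authenticates the remote communication point in userland item 1; one sentence on how they combine would remove the ambiguity. Items 1 and 2 of the driver list ("trust on unbound channel", "established a secure data transfer") do not read as requirements as written, and the title has a typo ("netzwork").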