Iqela labaphandi baseJamani, abaphuhlisi kunye nabaguquleli be-cryptographers baye bapapasha ukukhululwa kokuqala kweprojekthi ye-Rosenpass, ephuhlisa i-VPN kunye neendlela eziphambili zokutshintshiselana ezichasene nokukhwabanisa kwiikhomputha ze-quantum. I-WireGuard VPN ene-encryption algorithms esemgangathweni kunye nezitshixo zisetyenziswa njengezothutho, kwaye i-Rosenpass iyayincedisa ngezixhobo eziphambili zokutshintshiselana ezikhuselweyo ekuqhekezeni kwiikhomputha ze-quantum (oko kukuthi i-Rosenpass ikhusela utshintshiselwano oluphambili ngaphandle kokutshintsha i-algorithms yokusebenza kwe-WireGuard kunye neendlela zokubhala). I-Rosenpass inokusetyenziswa ngokwahlukileyo kwi-WireGuard ngendlela ye-universal key exchange toolkit efanelekileyo ukukhusela ezinye iiprothokholi ekuhlaselweni kwiikhomputha ze-quantum.
Ikhowudi yekhithi yezixhobo ibhalwe kwi-Rust kwaye ihanjiswa phantsi kwe-MIT kunye neelayisensi ze-Apache 2.0. I-Cryptographic algorithms kunye ne-primitives zibolekwe kwii-liboqs kunye neelayibrari ze-libsodium, ezibhalwe ngolwimi lwe-C. Isiseko sekhowudi epapashiweyo sibekwe njengokuphunyezwa kwereferensi - ngokusekwe kwiinkcukacha ezinikiweyo, iinguqulelo ezizezinye zezixhobo zokusebenza zinokuphuhliswa kusetyenziswa ezinye iilwimi zeprogram. Umsebenzi okwangoku uyaqhubeka ukuqinisekisa ngokusemthethweni iprotocol, i-crypto-algorithms kunye nokuphunyezwa ukubonelela ubungqina bemathematika bokuthembeka. Okwangoku, usebenzisa iProVerif, uhlalutyo olungokomfuziselo lweprotocol kunye nokuphunyezwa kwayo okusisiseko kulwimi lweRust sele lwenziwe.
Iprotocol yeRosenpass isekwe kwi-PQWG (i-Post-quantum WireGuard) eqinisekisiweyo indlela yotshintshiselwano olungundoqo, eyakhiwe kusetyenziswa i-cryptosystem ye-McEliece, exhathisa amandla akhohlakeleyo kwikhompyutheni ye-quantum. Isitshixo esiveliswe yi-Rosenpass sisetyenziswe ngendlela ye-WireGuard's pre-shared key (PSK), inikezela ngoluhlu olongezelelweyo lwe-hybrid VPN ukhuseleko loxhumo.
I-Rosenpass ibonelela ngenkqubo yangasemva esebenzayo ngokwahlukileyo esetyenziselwa ukuvelisa izitshixo ezichazwe ngaphambili ze-WireGuard kunye nokukhusela ukutshintshiselana okubalulekileyo ngexesha lenkqubo yokuxhawula izandla usebenzisa ubuchule be-post-quantum cryptography. NjengoWireGuard, izitshixo ze-symmetric kwi-Rosenpass zihlaziywa rhoqo kwimizuzu emibini. Ukukhusela uxhulumaniso, izitshixo ezikwabelwana ngazo zisetyenzisiweyo (isibini sezitshixo zoluntu kunye nezabucala zenziwe kwicala ngalinye, emva koko abathathi-nxaxheba badlulisela izitshixo zoluntu komnye nomnye).
umthombo: opennet.ru