Iqembu labacwaningi baseJalimane, abathuthukisi kanye nababhali be-cryptographer bashicilele ukukhululwa kokuqala kwephrojekthi ye-Rosenpass, eyakha i-VPN kanye nendlela yokushintshanisa ukhiye emelene nokugetshengwa kumakhompyutha e-quantum. I-WireGuard VPN enama-algorithms ajwayelekile wokubethela nokhiye isetshenziswa njengendlela yokuthutha, futhi i-Rosenpass ihambisana nayo ngamathuluzi okushintshanisa ayisihluthulelo avikelwe ekugetshengeni amakhompyutha e-quantum (okungukuthi i-Rosenpass iphinde ivikele ukushintshanisa okubalulekile ngaphandle kokushintsha ama-algorithms wokusebenza kwe-WireGuard nezindlela zokubethela). I-Rosenpass ingasetshenziswa futhi ngokuhlukene ne-WireGuard ngendlela yekhithi yamathuluzi yokushintshanisa ukhiye wendawo yonke elungele ukuvikela ezinye izimiso zokuziphatha ekuhlaselweni kwamakhompyutha e-quantum.
Ikhodi yekhithi yamathuluzi ibhalwe nge-Rust futhi isatshalaliswa ngaphansi kwamalayisensi e-MIT kanye ne-Apache 2.0. Ama-Cryptographic algorithms kanye nezakudala zibolekwa kuma-liboqs nakulabhulali ye-libsodium, ebhalwe ngolimi C. Isisekelo sekhodi eshicilelwe sibekwe njengesisetshenziswa sereferensi - ngokususelwa kuzicaciso ezinikeziwe, ezinye izinguqulo zekhithi yamathuluzi zingathuthukiswa kusetshenziswa ezinye izilimi zokuhlela. Njengamanje umsebenzi uyaqhubeka ukuze kuqinisekiswe ngokusemthethweni iphrothokholi, i-crypto-algorithms kanye nokuqaliswa ukuze kunikezwe ubufakazi bezibalo bokuthembeka. Njengamanje, kusetshenziswa i-ProVerif, ukuhlaziya okungokomfanekiso kwephrothokholi kanye nokusetshenziswa kwayo okuyisisekelo ngolimi lwe-Rust sekuvele kwenziwa.
Iphrothokholi ye-Rosenpass isuselwe ku-PQWG (Post-quantum WireGuard) indlela yokushintshanisa ukhiye eqinisekisiwe, eyakhiwe kusetshenziswa i-cryptosystem ye-McEliece, ekwazi ukumelana namandla anonya kukhompyutha ye-quantum. Ukhiye okhiqizwe i-Rosenpass usetshenziswa ngendlela yokhiye owabelwa ngaphambili we-WireGuard (PSK), ohlinzeka ngesendlalelo esengeziwe sokuvikeleka kokuxhumeka kwe-VPN eyingxube.
I-Rosenpass inikeza inqubo yangemuva esebenza ngokuhlukile esetshenziselwa ukukhiqiza okhiye abachazwe ngaphambilini be-WireGuard futhi kuvikelwe ukushintshana kokhiye phakathi nenqubo yokuxhawula kusetshenziswa amasu we-post-quantum cryptography. Njengo-WireGuard, okhiye be-symmetric ku-Rosenpass babuyekezwa njalo ngemizuzu emibili. Ukuze uvikele uxhumano, okhiye abahlanganyelwe bayasetshenziswa (ipheya lokhiye basesidlangalaleni nabayimfihlo benziwa ohlangothini ngalunye, ngemva kwalokho ababambiqhaza badlulisela okhiye basesidlangalaleni komunye nomunye).
Source: opennet.ru