Shadowsocks documentation

AEAD

AEAD stands for Authenticated Encryption with Associated Data. AEAD ciphers simultaneously provide confidentiality, integrity, and authenticity. They have excellent performance and power efficiency on modern hardware. Users should use AEAD ciphers whenever possible.

The following AEAD ciphers are recommended. Compliant Shadowsocks implementations must support AEAD_CHACHA20_POLY1305. Implementations for devices with hardware AES acceleration should also implement AEAD_AES_128_GCM and AEAD_AES_256_GCM.

| Name                   | Alias                  | Key Size | Salt Size | Nonce Size | Tag Size |
|------------------------|------------------------|----------|-----------|------------|----------|
| AEAD_CHACHA20_POLY1305 | chacha20-ietf-poly1305 | 32       | 32        | 12         | 16       |
| AEAD_AES_256_GCM       | aes-256-gcm            | 32       | 32        | 12         | 16       |
| AEAD_AES_128_GCM       | aes-128-gcm            | 16       | 16        | 12         | 16       |

Please refer to the IANA AEAD registry for the naming scheme and specification.

Key Derivation

The master key can be input directly by the user or generated from a password.

HKDF_SHA1 is a function that takes a secret key, a non-secret salt, and an info string, and produces a subkey that is cryptographically strong even if the input secret key is weak.

HKDF_SHA1(key, ntsev, info) => subkey

The info string binds the generated subkey to a specific application context. In our case, it must be the string "ss-subkey" without quotes.

We derive a per-session subkey from the pre-shared master key using HKDF_SHA1. The salt must be unique throughout the entire life of the pre-shared master key.

Authenticated Encryption/Decryption

AE_encrypt is a function that takes a secret key, a non-secret nonce, and a message, and produces ciphertext and an authentication tag. The nonce must be unique for a given key in each invocation.

AE_encrypt(key, nonce, message) => (ciphertext, tag)

AE_decrypt is a function that takes a secret key, a non-secret nonce, ciphertext, and an authentication tag, and produces the original message. If any of the inputs has been tampered with, decryption will fail.

AE_decrypt(key, nonce, ciphertext, tag) => message

TCP

An AEAD-encrypted TCP stream starts with a randomly generated salt used to derive the per-session subkey, followed by any number of encrypted chunks. Each chunk has the following structure:

[encrypted payload length][length tag][encrypted payload][payload tag]

Payload length is a 2-byte big-endian unsigned integer capped at 0x3FFF. The higher two bits are reserved and must be set to zero. The payload is therefore limited to 16 * 1024 - 1 bytes.

The first AEAD encrypt/decrypt operation uses a counting nonce starting from 0. After each encrypt/decrypt operation, the nonce is incremented by one as if it were an unsigned little-endian integer. Note that each TCP chunk involves two AEAD encrypt/decrypt operations: one for the payload length and one for the payload. Therefore each chunk increases the nonce twice.

