udp2raw icon indicating copy to clipboard operation
udp2raw copied to clipboard

Published 20 hours ago verified publisher icon wangyu-

Pluggable encryption and authentication is preferable

Open edsburke opened this issue 4 years ago • 1 comments

udp2raw-tunnel supports AES-128-CBC and HMAC-SHA1 as its encryption and authentication, which is good in most of the use cases, but it would be great if it also supports pluggable encryption and authentication so users have the best options to choose that fits their needs best.

  1. A good case in point to start is chacha20-ietf-poly1305 that performs better in censorship resistant environments.
  2. It would be great to port this feature to udp2raw-multiplatform since it affects both client and server side.

Hopefully, this proposal can be implemented to benefit a lot projects.

edsburke avatar Jan 26 '21 22:01 edsburke

A good case in point to start is chacha20-ietf-poly1305 that performs better in censorship resistant environments.

Could you please provide the citation that makes you believe this is true?

Although it's not bad to have other options, I am unlikely going to put high priority on this. From my understanding, what is more important is the scheme how you use the (encryption and authorization) algorithms, instead of the algorithms itselves. Whether it's chacha20 or AES doesn't make a big difference.

wangyu- avatar Jan 27 '21 09:01 wangyu-