Shadowsocks documentation

AEAD

AEAD stands for Authenticated Encryption with Associated Data. AEAD ciphers simultaneously provide confidentiality, integrity, and authenticity. They have excellent performance and power efficiency on modern hardware. Users should use AEAD ciphers whenever possible.

The following AEAD ciphers are recommended. Compliant Shadowsocks implementations must support AEAD_CHACHA20_POLY1305. Implementations for devices with hardware AES acceleration should also implement AEAD_AES_128_GCM and AEAD_AES_256_GCM.

| Name                   | Alias                  | Key Size | Salt Size | Nonce Size | Tag Size |
|------------------------|------------------------|----------|-----------|------------|----------|
| AEAD_CHACHA20_POLY1305 | chacha20-ietf-poly1305 | 32       | 32        | 12         | 16       |
| AEAD_AES_256_GCM       | aes-256-gcm            | 32       | 32        | 12         | 16       |
| AEAD_AES_128_GCM       | aes-128-gcm            | 16       | 16        | 12         | 16       |

Please refer to the IANA AEAD registry for the naming scheme and specifications.

Key Derivation

The master key can be input directly by the user or generated from a password.

HKDF_SHA1 is a function that takes a secret key, a non-secret salt, and an info string, and produces a subkey that is cryptographically strong even if the input secret key is weak.

HKDF_SHA1(key, salt, info) => subkey

The info string binds the generated subkey to a specific application context. In our case, it must be the string "ss-subkey" without quotes.

We derive a per-session subkey from a pre-shared master key using HKDF_SHA1. The salt must be unique through the entire life of the pre-shared master key.

Authenticated Encryption/Decryption

AE_encrypt is a function that takes a secret key, a non-secret nonce, and a message, and produces a ciphertext and an authentication tag. The nonce must be unique for a given key in each invocation.

AE_encrypt(key, nonce, message) => (ciphertext, tag)

AE_decrypt is a function that takes a secret key, a non-secret nonce, a ciphertext, and an authentication tag, and produces the original message. If any of the inputs has been tampered with, decryption will fail.

AE_decrypt(key, nonce, ciphertext, tag) => message

TCP

An AEAD-encrypted TCP stream starts with a randomly generated salt used to derive the per-session subkey, followed by any number of encrypted chunks. Each chunk has the following structure:

[encrypted payload length][length tag][encrypted payload][payload tag]

The payload length is a 2-byte big-endian unsigned integer capped at 0x3FFF. The two highest bits are reserved and must be set to zero. The payload is therefore limited to 16*1024 - 1 bytes.

The first AEAD encrypt/decrypt operation uses a counting nonce starting from 0. After each encrypt/decrypt operation, the nonce is incremented by one as if it were an unsigned little-endian integer. Note that each TCP chunk involves two AEAD encrypt/decrypt operations: one for the payload length and one for the payload. Each chunk therefore increments the nonce twice.
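The key derivation and TCP chunk framing described above, as an added Go example that is not part of the original documentation or of any Shadowsocks implementation. It covers the sending side only, using AEAD_AES_256_GCM from the Go standard library with HKDF-SHA1 written out per RFC 5869. The names newAEAD, next and sealChunk and the uint64 nonce counter are assumptions of this example; the counter matches the 12-byte little-endian nonce for the first 2^64 operations.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha1"
	"encoding/binary"
	"fmt"
)

// newAEAD derives HKDF_SHA1(key, salt, "ss-subkey") (RFC 5869) and keys AES-GCM with it.
func newAEAD(key, salt []byte) (cipher.AEAD, error) {
	mac := func(k, m []byte) []byte { h := hmac.New(sha1.New, k); h.Write(m); return h.Sum(nil) }
	prk, okm, t := mac(salt, key), []byte{}, []byte{} // extract: PRK = HMAC(salt, key)
	for i := byte(1); len(okm) < len(key); i++ { // expand: T(i) = HMAC(PRK, T(i-1)|info|i)
		t = mac(prk, append(append(t, "ss-subkey"...), i))
		okm = append(okm, t...)
	}
	blk, err := aes.NewCipher(okm[:len(key)]) // subkey has the master key's size (16 or 32)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(blk)
}

// next returns the 12-byte little-endian nonce for the counter, then increments it.
func next(ctr *uint64) []byte {
	n := make([]byte, 12)
	binary.LittleEndian.PutUint64(n, *ctr)
	*ctr++
	return n
}

// sealChunk emits [encrypted length][length tag][encrypted payload][payload tag].
func sealChunk(a cipher.AEAD, ctr *uint64, p []byte) ([]byte, error) {
	if len(p) > 0x3FFF { // checked before any nonce is consumed
		return nil, fmt.Errorf("payload of %d bytes exceeds 0x3FFF", len(p))
	}
	out := a.Seal(nil, next(ctr), []byte{byte(len(p) >> 8), byte(len(p))}, nil)
	return a.Seal(out, next(ctr), p, nil), nil
}

func main() {
	var ctr uint64
	aead, _ := newAEAD(make([]byte, 32), make([]byte, 32)) // constructed all-zero key and salt
	chunk, _ := sealChunk(aead, &ctr, []byte("hello"))
	fmt.Printf("chunk = %d bytes, nonces used = %d\n", len(chunk), ctr)
}
```

A receiver mirrors this with its own counter: it opens the first 18 bytes to recover the length, rejects any value above 0x3FFF, then opens the payload with the next nonce.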
