dnscrypt-proxy/vendor/golang.org/x/crypto/blake2b
Frank Denis 2d1dd7eaab Add Stretch-Hash-and-Truncate option for extreme DNS privacy
This works over DNSCrypt and DoH, but requires a specifically configured
server.

Instead of sending the actual DNS queries, the SH-T system works as follows:

Step 1: the client query is evaluated through Argon2id, a military-grade,
memory-hard, CPU-hard stretching function. This makes it very expensive
for an attacker to find the original query, even using GPUs and ASICs.
For post-quantum resistance, we use it to generate a 1024-bit key.

Step 2: in case the Argon2id algorithm has a vulnerability, or, since this
is a popular function used for hashing passwords and for cryptocurrencices,
and people may have built rainbow tables already, we use a hash function over
the result of the previous function. This immediately defeats rainbow tables.

Step 3: the output of the hash function is truncated to 64-bit.
Due to a property of this operation known as collision-misresistance, and even
if the previous steps fail due to a nation-state actor, it is impossible for a
server operator to prove what exact query was originally sent by a client.

This feature is experimental.
2019-04-01 09:36:56 +02:00
..
blake2b.go Add Stretch-Hash-and-Truncate option for extreme DNS privacy 2019-04-01 09:36:56 +02:00
blake2b_amd64.go Add Stretch-Hash-and-Truncate option for extreme DNS privacy 2019-04-01 09:36:56 +02:00
blake2b_amd64.s Add Stretch-Hash-and-Truncate option for extreme DNS privacy 2019-04-01 09:36:56 +02:00
blake2b_generic.go Add Stretch-Hash-and-Truncate option for extreme DNS privacy 2019-04-01 09:36:56 +02:00
blake2b_ref.go Add Stretch-Hash-and-Truncate option for extreme DNS privacy 2019-04-01 09:36:56 +02:00
blake2bAVX2_amd64.go Add Stretch-Hash-and-Truncate option for extreme DNS privacy 2019-04-01 09:36:56 +02:00
blake2bAVX2_amd64.s Add Stretch-Hash-and-Truncate option for extreme DNS privacy 2019-04-01 09:36:56 +02:00
blake2x.go Add Stretch-Hash-and-Truncate option for extreme DNS privacy 2019-04-01 09:36:56 +02:00
register.go Add Stretch-Hash-and-Truncate option for extreme DNS privacy 2019-04-01 09:36:56 +02:00