gitea-mirror/rosenpass
1
0
Fork 0
mirror of https://github.com/rosenpass/rosenpass.git synced 2025-12-12 15:49:22 -08:00
Code Issues Packages Projects Releases Wiki Activity

fix(whitepaper): Cookie feature is implemented but experimental

Browse Source
This commit is contained in:
Karolin Varner
2025-08-14 18:11:52 +02:00
parent f59b63a4d3
commit 9d5996e71c
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
papers/whitepaper.md
View File

@@ -277,7 +277,7 @@ The different labels are:
Rosenpass uses a cryptographic hash function for multiple purposes: Rosenpass uses a cryptographic hash function for multiple purposes:
* Computing the message authentication code in the message envelope as in WireGuard * Computing the message authentication code in the message envelope as in WireGuard
* Computing the cookie to guard against denial of service attacks. This is a feature adopted from WireGuard, but not yet included in the implementation of Rosenpass. * Computing the cookie to guard against denial of service attacks.
* Computing the peer ID * Computing the peer ID
* Key derivation during and after the handshake * Key derivation during and after the handshake
* Computing the additional data for the biscuit encryption, to provide some privacy for its contents * Computing the additional data for the biscuit encryption, to provide some privacy for its contents
@@ -590,6 +590,8 @@ ICR5 and ICR6 perform biscuit replay protection using the biscuit number. This i
Rosenpass derives its cookie-based DoS mitigation technique for a responder when receiving InitHello messages from Wireguard [@wg]. Rosenpass derives its cookie-based DoS mitigation technique for a responder when receiving InitHello messages from Wireguard [@wg].
**This is currently implemented in the Rosenpass implementation but still considered an experimental feature and not enabled by default.**
When the responder is under load, it may choose to not process further InitHello handshake messages, but instead to respond with a cookie reply message (see Figure \ref{img:MessageTypes}). When the responder is under load, it may choose to not process further InitHello handshake messages, but instead to respond with a cookie reply message (see Figure \ref{img:MessageTypes}).
The sender of the exchange then uses this cookie in order to resend the message and have it accepted the following time by the reciever. The sender of the exchange then uses this cookie in order to resend the message and have it accepted the following time by the reciever.
@@ -1055,6 +1057,7 @@ Additional changes (also motivated by a close review, but not reported by Steffe
\end{minted} \end{minted}
\end{quote} \end{quote}
``` ```
4. Remove reference to the proof-of-IP-ownership-based DoS mitigation feature not being implemented. Add a notice, that the feature is currently experimental.
#### 2025-06-24 Specifying the `osk` used for WireGuard as a protocol extension #### 2025-06-24 Specifying the `osk` used for WireGuard as a protocol extension