David Stainton's Open Source Projects
See David Stainton’s github profile for additional open source projects.
Rust
I learned Rust by writing cryptography libraries and solving cryptopals challenges.
Here you can see my process for learning Rust was to first solve the challenge in Golang and then port my solution to Rust. I’ve written my solutions in the form of a rust library (crate), and then each challenge is represented as an integration test case which tests the library’s code.
-
Rust fork Katzenpost mixnet client: https://github.com/sphinx-cryptography
-
I integrated the Kyber (NIST round II) KEM (key encapsulation mechanism) into the latest (at the time) Snow, the Noise cryptographic protocol library implemented in Rust. Review my pull request here:
https://github.com/mcginty/snow/pull/106
However for the purpose of my Rust mixnet project I’ve forked snow here, so I can publish crates with the latest Kyber addition.
https://github.com/sphinx-cryptography/snow
This rust crate is binary compatible with the Golang Katzenpost Mix Network Wire Protocol and it uses the Noise cryptographic transport protocol. Mix Link uses the Noise_XXhfs_25519+Kyber1024_ChaChaPoly_BLAKE2b handshake. This is a hybrid post quantum handshake that protects against adversaries today that will have a post quantum computer in the future.
Rekeying is done after every message that is sent. Messages are serialized using a custome minimal binary format. The message types are useful for building a message oriented anonymous communication network called a “mix network” but they could be modified to write other types of distributed systems.
Here I wrote some C FFI bindings around the reference implementation of the AEZ wide-block cipher. Soon afte I wrote this, someone came along and made some improvements. :)
Sphinx is cryptographic packet for design to implement anonymous communication networks such as decryption mix networks and Hornet/Lightening network. This implementation is design to be compatible with Katzenpost.
I wrote this Lioness implementation specifically to be binary compatible with my golang Lioness implementation.
This is a work-in-progress mix server meant to implement a SEDA (staged events drive architecture) pipeline for packet processing.
Golang
I started writing Go back in 2014.
From 2017 to around 2020 I’ve worked on an anonymous communication network, specifically a decryption mix network known as Katzenpost. This open source software project started off as part of the Horizon 2020 Panoramix Project funded by the European Commision and included collaborations with some of the top European computer science researchers. The design of Katzenpost was largely based off of The Loopix Anonymity System which was published at 2017 Usenix Security and Privacy conference.
This project included 3 months of collaborations with European academics to write our design specification documents followed by several months of software development time. However the original grant funding the Katzenpost project via the Panoramx Horizon 2020 grant program had very limited deliverables which actually specified e-mail integration. One of my collaborators at that time who is known as Yawning Angel wrote much of the mix server internals as well as an e-mail integration client called mailproxy.
Since the Panoramix grant project is officially over Katzenpost has headed in new and interesting directions, including a new messaging system to improve upon the security and privacy.
Katzenpost continues to improve far beyond the limits of the old deliverables of the Panoramix grant project. I’ve made some of these new contributions, including:
-
A plugin system for the mix server allowing Providers to run network services that a mixnet client can interact with. https://github.com/katzenpost/server/blob/master/internal/provider/kaetzchen/cbor_plugins.go
-
Several mixnet service plugins including a PANDA and REUNION servers to facilitate asynchronous PAKE protocols. https://github.com/katzenpost/reunion https://github.com/katzenpost/panda
-
A new mixnet messaging protocol (called catshadow) and client for sending messages (aka anonymous chat client); the novelty here is this protocol provides strong location hiding properties to prevent communication partners from discoverying one another’s location on the mix network. https://github.com/katzenpost/catshadow https://github.com/katzenpost/catchat
-
New cryptographic certificate format used by our mixnet voting directory authority server. https://github.com/katzenpost/core/tree/master/crypto/cert
-
An upgrade to the Katzenpost mix network wire protocol to use a Noise cryptographic framework based handshake which has a forward secret handshake that is compose with the post quantum KEM called Kyber (NIST round 3); protects agains an adversary today from using a quantum computer in the future. It’s called a hybrid construction because the security of the handshake pattern relies on not only Kyber but also X25519 elliptic curve diffie hellman key exchange. https://github.com/katzenpost/core/tree/master/wire https://github.com/katzenpost/noise
-
A rust crate which is binary compatible with our wire protocol to facilitate writing a rust client library for Katzenpost. https://github.com/sphinx-cryptography/mix_link https://github.com/mcginty/snow/pull/106
-
A post quantum hybrid double ratchet for end to end message encryption that protects against an active quantum adversary. https://github.com/katzenpost/doubleratchet
Some of this work was also funded by Samsung and NLNet.
See Announcing the Samsung NEXT Stack Zero Grant recipients.
In 2014, shortly after the Edward Snowden document leaks I wrote Honeybadger, the most advanced detector of TCP injection attacks. Honeybadger uses my own classification of injection attacks:
- handshake hijack
- segment veto
- sloppy injection
- out-of-order coalesce injection
- censorship injection
To read about my TCP injection classification see: TCP injection attack categories
During my work on Honeybadger I have also acted as an advisor for Google in the improvement of their Gopacket library. In particular I was coresponding with Graeme Connell with Google and Laurent Hausermann with Sentryo in April of 2015. NOTE: I have never been employed by Google; I am an independent security researcher.
I added the BSD BPF sniffer to Google’s gopacket library as part of the previously mentioned Honeybadger software project. I did this so that Honeybadger could be efficiently used on BSD operating systems such as FreeBSD without having to use libpcap. Might as well have Google maintain the code for me, am I right? :)
I wrote the most sophisticated Tor control port filter daemon. The Tor control port allows applications to control the Tor daemon and perform various operations such as create an onion service or create a Tor circuit. With Roflcoptor acting as a proxy to the Tor control port, each application has a white list of Tor control port commands. This greatly reduces the risk of deanonymization when giving an application access to the Tor control port. (see Tor control port specification )
My Parasitic TCP traceroute tool makes use of the Linux kernel’s nfqueue subsystem to mangle TCP packets of an existing connection in order to perform a traceroute. Such a traceroute might in some circumstances be useful for tracing a connection beyond an upstream NAT (network address translation) device.
Bulb is useful for Tor integration and this feature I added allows for Go applications to easily create a Tor onion service.
Python
Most of my Python experience involves async IO networking with Twisted, however, I’ve also used Tornado and blocking IO. Many of my Python project involve networking and cryptography; this is after all, the main theme repeated throughout my work portfolio.
- Contributed various feature additions to the Tahoe-LAFS project.
Tahoe-LAFS is an encrypted file store with a powerful cryptographic capability system.
I made the Sphinx cryptographic packet library compatible with Python 2 and Python 3. I’ve also upgraded some of the cryptographic primitives.
Lioness is an SPRP - a super pseuodo random permutation which is also known as a wide-block cipher. It’s useful in circumstances where you can authenticated the plaintext but not the ciphertext.
- Wrote a active network scanner for a Linux kernel vulnerability that affected the Tor network and sent a report to the tor-dev mailing list
I came up with a Tor guard discovery attack involving this Linux kernel vulnerability however my analysis remains unpublished due to ethical considerations.
This is essentially a VPN which uses Tor onions as the network transport.