David Stainton's Open Source Projects

See David Stainton’s github profile for additional open source projects.

Rust

rustacean logo

I learned Rust by writing cryptography libraries and solving cryptopals challenges.

So firstly, let me just state that I didn’t solve all of the challenges yet. I did most of the first two sets. My process for learning Rust at the same time was to first solve the challenge in Golang and then port my solution to Rust. I’ve written my solution in the form of a library (crate), and then each challenge is represented as an integration test case which tests the library’s code.

This rust crate is binary compatible with the Golang Katzenpost Mix Network Wire Protocol and it uses the Noise cryptographic transport protocol. Mix Link uses the Noise_XXhfs_25519+Kyber1024_ChaChaPoly_BLAKE2b handshake. This is a hybrid post quantum handshake that protects against adversaries today that will have a post quantum computer in the future.

Rekeying is done after every message that is sent. Messages are serialized using a custome minimal binary format. The message types are useful for building a message oriented anonymous communication network called a “mix network” but they could be modified to write other types of distributed systems.

Here I wrote some C FFI bindings around the reference implementation of the AEZ wide-block cipher. Soon afte I wrote this, someone came along and made some improvements. :)

Sphinx is cryptographic packet for design to implement anonymous communication networks such as decryption mix networks and Hornet/Lightening network. This implementation is design to be compatible with Katzenpost.

I wrote this Lioness implementation specifically to be binary compatible with my golang Lioness implementation.

This is a work-in-progress mix server meant to implement a SEDA (staged events drive architecture) pipeline for packet processing.

Golang

I started writing Go back in 2014.

golang gopher image

From 2017 to around 2020 I’ve worked on an anonymous communication network, specifically a decryption mix network known as Katzenpost. This open source software project started off as part of the Horizon 2020 Panoramix Project funded by the European Commision and included collaborations with some of the top European computer science researchers. The design of Katzenpost was largely based off of The Loopix Anonymity System which was published at 2017 Usenix Security and Privacy conference.

This project included 3 months of collaborations with European academics to write our design specification documents followed by several months of software development time. However the original grant funding the Katzenpost project via the Panoramx Horizon 2020 grant program had very limited deliverables which actually specified e-mail integration. One of my collaborators at that time who is known as Yawning Angel wrote much of the mix server internals as well as an e-mail integration client called mailproxy.

Since the Panoramix grant project is officially over Katzenpost has headed in new and interesting directions, including a new messaging system to improve upon the security and privacy.

Katzenpost continues to improve far beyond the limits of the old deliverables of the Panoramix grant project. I’ve made some of these new contributions, including:

Some of this work was also funded by Samsung and NLNet.

See NLnet accouncement

See Announcing the Samsung NEXT Stack Zero Grant recipients.

honeybadger image

In 2014, shortly after the Edward Snowden document leaks I wrote Honeybadger, the most advanced detector of TCP injection attacks. Honeybadger uses my own classification of injection attacks:

  1. handshake hijack
  2. segment veto
  3. sloppy injection
  4. out-of-order coalesce injection
  5. censorship injection

To read about my TCP injection classification see: TCP injection attack categories

During my work on Honeybadger I have also acted as an advisor for Google in the improvement of their Gopacket library. In particular I was coresponding with Graeme Connell with Google and Laurent Hausermann with Sentryo in April of 2015. NOTE: I have never been employed by Google; I am an independent security researcher.

I added the BSD BPF sniffer to Google’s gopacket library as part of the previously mentioned Honeybadger software project. I did this so that Honeybadger could be efficiently used on BSD operating systems such as FreeBSD without having to use libpcap. Might as well have Google maintain the code for me, am I right? :)

I wrote the most sophisticated Tor control port filter daemon. The Tor control port allows applications to control the Tor daemon and perform various operations such as create an onion service or create a Tor circuit. With Roflcoptor acting as a proxy to the Tor control port, each application has a white list of Tor control port commands. This greatly reduces the risk of deanonymization when giving an application access to the Tor control port. (see Tor control port specification )

My Parasitic TCP traceroute tool makes use of the Linux kernel’s nfqueue subsystem to mangle TCP packets of an existing connection in order to perform a traceroute. Such a traceroute might in some circumstances be useful for tracing a connection beyond an upstream NAT (network address translation) device.

Bulb is useful for Tor integration and this feature I added allows for Go applications to easily create a Tor onion service.


Python

python logo


  Most of my Python experience involves async IO networking with Twisted, however, I’ve also used Tornado and blocking IO. Many of my Python project involve networking and cryptography; this is after all, the main theme repeated throughout my work portfolio.


Tahoe-LAFS is an encrypted file store with a powerful cryptographic capability system.

I made the Sphinx cryptographic packet library compatible with Python 2 and Python 3. I’ve also upgraded some of the cryptographic primitives.

Lioness is an SPRP - a super pseuodo random permutation which is also known as a wide-block cipher. It’s useful in circumstances where you can authenticated the plaintext but not the ciphertext.

I came up with a Tor guard discovery attack involving this Linux kernel vulnerability however my analysis remains unpublished due to ethical considerations.

This is essentially a VPN which uses Tor onions as the network transport.