TODO.txt 1.5 KB

1234567891011121314151617181920212223242526272829303132333435363738
  1. HKExSh TODO Ideas
  2. --
  3. Chaff Improvements
  4. - Zipf or other distributions for chaff freq, packetsz
  5. - Mimicry of hand-typed traffic for chaff on interactive sessions
  6. - Client-input chaff file data (ie., Moby Dick)
  7. KEx: Look at ECIES: https://godoc.org/github.com/bitherhq/go-bither/crypto/ecies
  8. ThreeBears? BIKE?, NTRU?: https://www.safecrypto.eu/pqclounge/
  9. NIST Round 1 submissions:
  10. https://csrc.nist.gov/projects/post-quantum-cryptography/round-1-submissions
  11. Architecture
  12. (DONE) - Move hkexnet components other than key exchange into a proper hkex package
  13. (ie., hkexsh imports hkex) - hkex should be usable for other client/svr utils,
  14. ala 'hkex-netcat')
  15. (parts split out into hkexnet/*, hkexsession.go)
  16. (DONE) - Make KEx fully-pluggable: isolate all code to do with Herradura into a
  17. KEx-neutral pkg so it can be swapped out for other methods (eg., DH etc.)
  18. (DONE - test branch) - Use system password db (/etc/{passwd,shadow})
  19. Features
  20. (DONE) - Support for hkcp (hkex-cp) - secure file copy protocol
  21. (DONE) - auth tokens to allow scripted hkexsh/hkexcp use
  22. (DONE) - tunnelling - multiple tunnel sessions co-existing w/shell sessions
  23. - non-interactive tunnel-only mode
  24. - reverse tunnels
  25. Alternate transports for hkexsh.Conn - HTTP-mimicking traffic, ICMP, ... ?
  26. (Whatever golang can support for net.Dial(), net.Accept(), io.Reader/Writer
  27. should in principle be usable as substrate for hkex.Conn)
  28. Install
  29. (DONE - openrc) - init scripts for open-rc/init (and systemd, sigh)
  30. (DONE) - make install
  31. - common packages (yum/deb/portage)