The Story of How I Built a VPN protocol: Part 1
The article details the author's experience creating a custom VPN protocol for educational purposes after facing compatibility issues with existing VPN software on Arch Linux. The protocol emphasizes stealth, using ChaCha20-Poly1305 encryption, pre-shared keys, and TCP with obfuscated packet lengths. It includes a detailed handshake process involving username and salt exchange, key derivation, and ECDH for forward secrecy.
- The author built a custom VPN protocol after their preferred client failed to work on Arch Linux.
- The protocol uses ChaCha20-Poly1305 encryption with a pre-shared key and adds junk bytes for packet length obfuscation.
- Each packet includes a 5-byte masked header, a nonce, ciphertext, authentication tag, and random junk bytes.
- Key exchange involves a salt-based hash derivation and ECDH using Curve25519 for forward secrecy.
- The client uses three goroutines to handle tunnel reading, packet preparation, and batched packet sending.
Opening excerpt (first ~120 words)

Smile, posted on May 1
#security #opensource #beginners #go

🚨🚨🚨 Disclaimer 🚨🚨🚨
This article and the VPN itself are written for educational purposes only.

How It All Started
I recently switched to Arch. Everything started off well: I installed all the utilities I needed, and then I decided to install the VPN I used to use. And then a problem appeared — it doesn't work on Arch (even as an AppImage).
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at DEV.to (Top).