utoni / nDPId

Tiny nDPI based deep packet inspection daemons / toolkit.
GNU General Public License v3.0
67 stars 15 forks source link

Encrypt the json #47

Open UnveilTech opened 1 month ago

UnveilTech commented 1 month ago

Hi Toni, another suggestion is to encrypt the json sent to the sock/UDP client.

what do you think ?

bye Fred

utoni commented 4 weeks ago

That is an idea that I already had in my mind. (See: https://github.com/utoni/nDPId/milestone/3) I wanted to encrypt the nDPIsrvd connections to it's distributor clients. But doing this within nDPId UDP send is also something I'll consider as it should be more easy to implement as kinda "first crypto support".

UnveilTech commented 4 weeks ago

excellent ! we'll be happy for testing it as soon as it'll be available...

bye Fred

UnveilTech commented 4 weeks ago

Toni, but think that our proposal is a bit different what you mean with the milestone 1.8 or maybe we're wrong here ;o) the idea is that the nDPId sends encrypted json to another daemon (ex: ncat, socat, personal tool, etc...)

bye Fred

utoni commented 4 weeks ago

The idea is bit similar so far as it's the same JSON messages which are getting encrypted, but by a different application.

I'll probably start with the nDPId UDP encryption as this might be easier to achieve and may also be reused for other applications such as nDPIsrvd.

UnveilTech commented 4 weeks ago

you rock man !!! we would be happy to test it 👍

bye Fred

UnveilTech commented 3 weeks ago

Hi Toni, we've tested the OpenSSL part to encrypt the Json: x.zip

we have tested the process and it works fine... so if you could add that to your source code it'll be cool :o)

bye Fred

utoni commented 3 weeks ago

Hi Fred,

thanks for your proposal. Is there any reason why you've used aes256-cbc and not an AEAD i.e. aes256-gcm ?

UnveilTech commented 3 weeks ago

Toni, that's the source from Mistral (French IA, https://mistral.ai/) that we have modified a bit. we don't care if CBC or GCM, use the mode you think is the best... the only point we take care is that it must be Go langage compatible, we do use Go as our receiver daemon (nDPId -> Go daemon) anyway, CBC or GCM or etc..., I think we should find the way with Go :o)

bye Fred