MinimaLT: Minimal-latency Networking Through Better Security
Created: 2020-08-12T18:27:28.717925
This card pertains to a resource available on the internet.
Basically another case of using UDP to re-create what TCP does. It also combines pipe encryption (a la TLS) and attempts to prevent certain types of denial-of-service attacks. Think of ENet but with crypto.
ENet networking library.
There is a bunch of math markup I haven't read thoroughly. It mostly provides more implementation details.
Goals
- Encrypt all traffic.
- Secure against DoS attacks.
- Obsoletes TLS because all communication is fully encrypted.
- Obsoletes TCP and uses its own frames over UDP.
- Eliminates the three-way handshake by returning a server's key during the DNS lookup phase.
- Twice as fast as unencrypted TCP.
- Four times faster than OpenSSL.
- Connections can be ported across endpoints for mobile/travelling users.
- Merges key handshaking with DNS requests to eliminate more network state.
Definitions
- Key erasure: capturing the key at a later time does not expose past communications.
- Identity: A public/private key pair that describes a user.
- Anonymity: a user who generates a new identity for each session.
- Tunnel: a pipeline between a user and a server which carries one or more connections.
- Control Connection: a special connection in every tunnel that carries the control RPCs (create, close, modify) for the tunnel's other connections.
- Long-term certificate: Binds a server key to a host name.
- Ephemeral certificate: Shorter lived key used to open connections with the host.
- Service record: contains certificate and connection information bound to a given name.
Users create a "tunnel" to communicate between their computer and a server. They can create multiple connections within this tunnel so all communication between that client-server pair is coalesced together.
The control connection carries remote procedure calls that create, close and modify the other connections in the tunnel.
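A toy model of that tunnel/connection split, added here as an illustration and not code from the MinimaLT paper or implementation: frames carry a tunnel ID and a connection ID, connection 0 is the control connection, and data is only accepted on connections that a control RPC has opened. The frame layout, the JSON RPC encoding and the reserved connection number 0 are assumptions of this example, not the paper's wire format.

```python
# Toy MinimaLT-style tunnel: one tunnel between a client and a server
# multiplexes many connections; connection 0 is the control connection that
# carries create/close RPCs. Frame layout and RPC encoding are made up here.
import json
import struct

CONTROL_CID = 0                     # assumed reserved control connection id
HEADER = struct.Struct("!QIH")      # tunnel id, connection id, payload length

def pack_frame(tunnel_id, cid, payload):
    return HEADER.pack(tunnel_id, cid, len(payload)) + payload

def unpack_frame(data):
    tid, cid, n = HEADER.unpack(data[:HEADER.size])
    body = data[HEADER.size:HEADER.size + n]
    if len(body) != n:
        raise ValueError("truncated frame")
    return tid, cid, body

def control_frame(tunnel_id, op, cid):
    # RPC on the control connection targeting another connection in the tunnel
    return pack_frame(tunnel_id, CONTROL_CID, json.dumps({"op": op, "cid": cid}).encode())

class Tunnel:
    def __init__(self, tunnel_id):
        self.tid = tunnel_id
        self.open = set()        # connection ids opened via the control RPC
        self.received = {}       # cid -> list of payloads, per connection

    def handle(self, frame):
        tid, cid, body = unpack_frame(frame)
        if tid != self.tid:
            raise ValueError("frame belongs to another tunnel")
        if cid == CONTROL_CID:
            return self._control(json.loads(body))
        if cid not in self.open:            # data on an unopened/closed connection
            raise ValueError(f"connection {cid} is not open")
        self.received[cid].append(body)
        return "data"

    def _control(self, rpc):
        op, cid = rpc["op"], rpc["cid"]
        if cid == CONTROL_CID:
            raise ValueError("control connection cannot be created or closed")
        if op == "create":
            if cid in self.open:
                raise ValueError(f"connection {cid} already open")
            self.open.add(cid)
            self.received.setdefault(cid, [])
        elif op == "close":
            self.open.discard(cid)
        else:
            raise ValueError(f"unknown rpc {op!r}")
        return op

def rejected(tunnel, frame):
    # True when the tunnel refuses the frame (used to check the error paths)
    try:
        tunnel.handle(frame)
        return False
    except ValueError:
        return True
```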
Trivia
- 500ms latency loses 25% of users (Google)
- UX degrades at waits of 100ms (probably Nielsen Norman Group)