'aguard' - a filter that protects the communication by encrypting the data stream

Introduction

aguard is a LibMsgque filter that encrypts and forwards a data stream.
The aguard filter is best explained with a picture:

aguard connects the source-application with the target-application; both the source-application and the target-application use an aguard filter to encrypt the connection.


Encryption Details

The basic idea of encryption in aguard can be described in one sentence:

otto law
every known and published encryption method is already broken because otherwise it would not be known and published

In order to still be able to offer unbreakable encryption, the following conditions are necessary:

  1. every vector that is added to a random number is a random number.
  2. each random number is not limited by its length or by its repetition.
  3. the more often a single random number is used as encryption, the more likely it is that it has been compromised.

The encryption technology in aguard can be described very simply:

Brute force crypto

The technology is very simple: instead of using ONE key there are 1000s of keys. The keys all have different lengths and consist of random vectors, which in turn consist of 1000s of individual random numbers.

And how does that work?

Quite simply, each message is encrypted with its own random vector simply by addition:

Information + random = information random

Decryption is just as easy:

Information random - random = information

And since no one can enter or use a keychain with 1000s of keys by hand, the keys are combined in a shared library, which in turn must be identical between the sender and receiver system.

The sender encrypts his information with the key of the number "X" and sends this number as a prefix of the encrypted message to the recipient, who uses the same key of the number "X" to decrypt the message.

The key ITSELF is not transmitted at any time. The bunch of keys is exchanged EXTERNALLY between sender and recipient, e.g. through personal meetings, courier etc.

There is a separate keychain for each pair of transmitter and receiver.

If sender AND receiver are NOT compromised then the connection is ABSOLUTELY secure because ideally each message is encrypted with a completely NEW key (no repetition).

There can of course also be a gradation of ABSOLUTE security, such as multiple use of a key for unimportant messages or an intelligent key rotation concept, etc.
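
The scheme described above, as an added example that is not aguard's own code: a message is added to the random vector selected by key number "X", the number travels as a prefix, and the receiver subtracts the same vector. Byte-wise addition modulo 256, the sample keychain, the length check and all function names are assumptions; the last function shows why a key number should not be repeated, since two messages under the same vector reveal their difference without the key.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed sample keychain, NOT aguard's key.h. Real vectors must come
 * from a true random source and be exchanged out of band. */
static const uint8_t KEY1[] = {0x3a,0xc4,0x11,0x9e,0x57,0xe0,0x08,0xb3,0x6d,0xf2,0x21,0x84};
static const uint8_t KEY2[] = {0x90,0x1f,0xa7,0x45,0xd8,0x02,0x7b,0xee,0x36,0x59,0xc1,0x0d,0x68,0xb4,0x23,0xfa};
static const struct { const uint8_t *v; size_t len; } KEYCHAIN[] = {
    {NULL, 0}, {KEY1, sizeof KEY1}, {KEY2, sizeof KEY2},  /* 0 = no key */
};
#define NKEYS (sizeof KEYCHAIN / sizeof KEYCHAIN[0])

/* out = [key number][msg + random]; returns bytes written, 0 on error.
 * Assumption: a message longer than its vector is refused, because wrapping
 * the vector would repeat random numbers inside one message. */
size_t guard_encrypt(uint8_t num, const uint8_t *msg, size_t n, uint8_t *out, size_t cap) {
    if (num == 0 || num >= NKEYS || n > KEYCHAIN[num].len || cap < n + 1) return 0;
    out[0] = num;
    for (size_t i = 0; i < n; i++) out[i + 1] = (uint8_t)(msg[i] + KEYCHAIN[num].v[i]);
    return n + 1;
}

/* Reads the key-number prefix and subtracts the same vector again. */
size_t guard_decrypt(const uint8_t *in, size_t n, uint8_t *out, size_t cap) {
    if (n < 1 || in[0] == 0 || in[0] >= NKEYS) return 0;
    size_t m = n - 1;
    if (m > KEYCHAIN[in[0]].len || cap < m) return 0;
    for (size_t i = 0; i < m; i++) out[i] = (uint8_t)(in[i + 1] - KEYCHAIN[in[0]].v[i]);
    return m;
}

/* Returns 1 if both ciphertexts carry the same key number and their
 * byte-wise difference equals ma - mb: the random vector cancels out. */
int reuse_leaks_difference(const uint8_t *ca, const uint8_t *cb,
                           const uint8_t *ma, const uint8_t *mb, size_t n) {
    if (ca[0] != cb[0]) return 0;
    for (size_t i = 0; i < n; i++)
        if ((uint8_t)(ca[i + 1] - cb[i + 1]) != (uint8_t)(ma[i] - mb[i])) return 0;
    return 1;
}

int main(void) {
    const uint8_t m1[] = "PAY 100 EUR", m2[] = "PAY 900 EUR"; /* constructed */
    uint8_t a[32], b[32];
    guard_encrypt(1, m1, 11, a, sizeof a);
    guard_encrypt(1, m2, 11, b, sizeof b); /* same key number: reuse */
    printf("reuse leaks difference: %d\n", reuse_leaks_difference(a, b, m1, m2, 11));
    return 0;
}
```

A sender that tracks which key numbers it has already used and refuses to repeat them avoids the reuse case shown in `main`.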


Source-Code of "aguard"

aguard.c

usage: aguard [OPTION]... [ARGUMENT]...

  This tool is the data protection filter of NHI1.

  aguard [ARGUMENT]... syntax:
    aclient... @ aguard --key NUM ... [encrypted] ... @ aguard --key NUM... @ aserver

  msgque [OPTION]:
    --help-msgque    print msgque specific help

  aguard [OPTION]:
    -h, --help       print this help
    -d, --dig        print the key diggest
    -k, --key  NUM   select the KEY for encryption...(0 <= NUM <= 5)
                       0 = NO
                       1 = DEFAULT


Source-Code of "aguard" encryption

aguard_crypt.h


Source-Code of "aguard" key example

key.h