Crate roughenough [−] [src]
An implementation of the Roughtime secure time synchronization protocol.
Roughtime aims to achieve rough time synchronisation in a secure way that doesn't depend on any particular time server, and in such a way that, if a time server does misbehave, clients end up with cryptographic proof of it.
Protocol
Roughtime messages are represented by RtMessage which
implements the mapping of Roughtime u32 tags to byte-strings.
Client
A Roughtime client can be found in src/bin/client.rs. To run the client:
$ cargo run --release --bin client roughtime.int08h.com 2002
Consult the client's --help output for all runtime options.
Server
A Roughtime server implementation is in src/bin/server.rs. The server is
configured via a yaml file:
interface: 127.0.0.1
port: 8686
seed: f61075c988feb9cb700a4a6a3291bfbc9cab11b9c9eca8c802468eb38a43d7d3
batch_size: 64
Where:
- interface - IP address or interface name for listening to client requests
- port - UDP port to listen to requests
- seed - A 32-byte hexadecimal value used as the seed to generate the server's long-term key pair. This is a secret value, treat it with care.
- batch_size - The number of requests to process in one batch. All nonces in a batch are used to build a Merkle tree, the root of which is signed.
To run the server:
$ cargo run --release --bin server /path/to/config.file
Modules
| merkle |
Merkle Tree implementation using SHA-512 and the Roughtime leaf and node tweak values. |
| sign |
Ed25519 signing and verification |
Structs
| RtMessage |
A Roughtime protocol message; a map of u32 tags to arbitrary byte-strings. |
Enums
| Error |
Error types generated by this implementation |
| Tag |
An unsigned 32-bit value (key) that maps to a byte-string (value). |
Constants
| CERTIFICATE_CONTEXT |
Prefixed to the server's certificate before generating or verifying certificate's signature |
| HASH_LENGTH |
Size (in bytes) of a SHA-512 hash |
| MIN_REQUEST_LENGTH |
Minimum size (in bytes) of a client request |
| MIN_SEED_LENGTH |
Minimum size (in bytes) of seeds used to derive private keys |
| NONCE_LENGTH |
Size (in bytes) of the client's nonce |
| PUBKEY_LENGTH |
Size (in bytes) of an Ed25519 public key |
| RADIUS_LENGTH |
Size (in bytes) of server's time uncertainty value |
| SIGNATURE_LENGTH |
Size (in bytes) of an Ed25519 signature |
| SIGNED_RESPONSE_CONTEXT |
Prefixed to the server's response before generating or verifying the server's signature |
| TIMESTAMP_LENGTH |
Size (in bytes) of server's timestamp value |
| TREE_LEAF_TWEAK |
Value prepended to leaves prior to hashing |
| TREE_NODE_TWEAK |
Value prepended to nodes prior to hashing |
| VERSION |
Version of Roughenough |