GoVPN is a simple, secure virtual private network daemon, written entirely in the Go programming language.
The main goals of the daemon are reviewability, a high 128-bit security margin and DPI censorship resistance, in a free software solution. Most modern widespread protocols and their software implementations are too complex to be reviewed, analyzed and modified.
State-of-the-art cryptography technologies. Strong mutually authenticated key exchange is invulnerable to man-in-the-middle attacks. The perfect forward secrecy property guarantees that compromise of long-term authentication keys does not lead to decryption of previously captured traffic. Compromise of the peers' password files on the server side won't allow an attacker to masquerade as the client, because asymmetric verifiers, resistant to dictionary attacks, are used. Rehandshaking ensures session key rotation. MAC authentication with one-time keys protects against replay attacks.
The server can work with several clients simultaneously. Each client is identified by a 128-bit key that does not leak during the handshake, and each client stays anonymous to MiTM and DPI. All settings are applied separately per peer.
Optional ability to hide payload packet lengths by appending noise to them during transmission. Ability to generate constant packet rate (CPR) traffic that hides even the fact that packets appear, and their timestamps.
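How length hiding and a constant packet rate combine, as an added Go example that is not GoVPN's own code. The frame size, the `0x80`-plus-zeros padding scheme and the names `Pad`, `Unpad` and `CPR` are assumptions made for illustration, and the encryption step that would sit between padding and the wire is left out.

```go
package main

import (
	"bytes"
	"fmt"
)

const FrameSize, padMarker = 64, 0x80 // constructed frame length; assumed marker byte

// Pad fills the payload up to FrameSize. It is meant to run before encryption,
// so on the wire the padding looks like the rest of the ciphertext.
func Pad(payload []byte) ([]byte, error) {
	if len(payload) >= FrameSize {
		return nil, fmt.Errorf("payload of %d bytes does not fit in one frame", len(payload))
	}
	frame := make([]byte, FrameSize)
	copy(frame, payload)
	frame[len(payload)] = padMarker
	return frame, nil
}

// Unpad strips the padding after decryption; an empty result is a dummy frame.
func Unpad(frame []byte) ([]byte, error) {
	i := bytes.LastIndexByte(frame, padMarker)
	if len(frame) != FrameSize || i < 0 || len(bytes.TrimRight(frame[i+1:], "\x00")) != 0 {
		return nil, fmt.Errorf("malformed frame of %d bytes", len(frame))
	}
	return frame[:i], nil
}

// CPR emits exactly one frame per tick: the next queued payload, or a dummy when idle.
func CPR(queue [][]byte, ticks int) (out [][]byte, err error) {
	for t := 0; t < ticks; t++ {
		var payload, frame []byte
		if len(queue) > 0 {
			payload, queue = queue[0], queue[1:]
		}
		if frame, err = Pad(payload); err != nil {
			return nil, err
		}
		out = append(out, frame)
	}
	return out, nil
}

func main() { // constructed traffic: two packets of different sizes, then idle
	frames, err := CPR([][]byte{[]byte("ping"), []byte("a longer constructed packet")}, 4)
	fmt.Println(len(frames), "frames, each", FrameSize, "bytes, err:", err)
}
```

An observer of this stream sees four equal-sized frames at a fixed rate and cannot tell the two real packets from the two dummies; only the receiver, after decryption, distinguishes them by the empty payload.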
The only platform-specific requirement is TAP network interface support. The API to that kind of device is different on each OS and non-portable, so only a few operating systems are officially supported. The author has no proprietary software to work with, so there is currently no support for either the popular Microsoft Windows or Apple OS X.