NNCP 8.8.0 removes BLAKE2, adds support for multicast groups, and more

Darkcrizt

4 minutes

NCCP

NNCP is a set of utilities that facilitate the secure exchange of files and mail in save-and-forward mode.

The release of the new version of the set of utilities, NNCP 8.8.0, was announced, a version in which a huge number of changes have been integrated and, above all, improvements and bug fixes, of which perhaps one of the most important is that instead of BLAKE2b, the so-called MTH is used, among others.

In NNCP the utilities are intended to help to build small friend-to-friend networksF2F) with static routing for secure file transfers in fire-and-forget mode, as well as file requests, email, and command execution requests. All transmitted packets are encrypted (end-to-end) and explicitly authenticated by known public keys.

Main novelties of NNCP 8.8.0

In this new version that is presented, it is now possible discover other nodes on the local network via multicast at address "ff02::4e4e:4350", in addition to multicast groups appeared, that allow a packet to send data to many members of the group, where each also transmits the packet to other signers. Reading a multicast packet requires knowledge of the key pair (must be a member of the group explicitly), but any node can perform the retransmission.

Another novelty that stands out is that added support for explicit acknowledgment of packet receipt. The sender can choose not to drop the packet after it has been sent, waiting for a special ACK packet to be received from the receiver.

In addition to this, it also highlights the built-in support for Yggdrasil's overlay network - Online daemons can act as full-fledged independent network participants, without using third-party Yggdrasil implementations, and work full-fledged with the IP stack in a virtual network interface.

The functions BLAKE2b KDF and XOF have been superseded by BLAKE3 to reduce the number of cryptographic primitives used and simplify the code.

Instead of the BLAKE2b hash, the so-called MTH (Merkle Tree-based Hashing) to check the integrity of the files, using the BLAKE3 hash. This allows the integrity of the encrypted part of the package to be calculated during download, without the need to read it later. It also allows unlimited parallelization of integrity checks.

El new encrypted packet format it fully supports streaming when the size of the data is not known in advance. The transmission completion signaling, with an authenticated size, goes right inside the encrypted stream.

Alternatively, instead of structured strings (RFC 3339), logging uses log file entries, which can be used with the GNU Recutils utilities, optionally encrypted packet headers can be stored in separate files in the " hdr/", which greatly speeds up package listing operations on large block file systems like ZFS. Previously, packet header retrieval required, by default, only a 128 KiB block to read from disk.

Also in this new edition of NNCP 8.8.0, inline utilities can optionally invoke the package release process immediately after a successful download of a package, without running a separate "nncp-toss" daemon.

Of the other changes highlights of this new release:

  • An online call to another party can optionally occur not only when the timer is triggered, but also when an outgoing packet appears in the queue directory.
  • Checking for new files can optionally use kqueue and inotify kernel subsystems, making fewer system calls.
  • Utilities keep fewer files open, they are less likely to be closed and reopened. With a large number of packages, it was previously possible to run into a limit on the maximum number of open files.
  • Many commands began to show the progress and speed of operations, such as downloading/uploading, copying, and processing (launching) packages.
  • The "nncp-file" command can send not only individual files, but also directories, creating a pax file with its contents on the fly.
  • Functionality is provided on the NetBSD and OpenBSD operating systems, in addition to FreeBSD and GNU/Linux, which were previously supported.

How to install NNCP on Linux?

The installation of this utility is quite simple, we just have to count on Go already installed on the system and obtain the latest version of NNCP which is 8.8.0. This can be obtained from the terminal with the wget command in the following way:

wget http://www.nncpgo.org/download/nncp-8.8.0.tar.xz
wget http://www.nncpgo.org/download/nncp-8.8.0.tar.xz.sig
gpg --verify nncp-8.8.0.tar.xz.sig nncp-8.8.0.tar.xz
xz --decompress --stdout nncp-8.8.0.tar.xz | tar xf -
make -C nncp-8.8.0 all

After that they can start with the configuration, from which they can find the necessary information In the following link.

And also on the main page that is the next.


Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.