Hey,
el3xyz <el3...@protonmail.com> writes: > [...] > To make detection more difficult two things are being done > * handshake initiation, response and cookie messages are padded with random > sized garbage > * Up to 192 bytes of each message is encrypted with obfuscation key derived > from peer public key (different keys are used in different directions). > [...] I did not have a look at the code itself, but travelling around the world, I appreciate the direction a lot. While from a safety perspective this does not anything, it can add a lot to the usability / being able to use wireguard at all. I'd appreciate if wireguard upstream would take this in, maybe even supporting multiple / dynamic listen ports. Best regards, Nico -- Sustainable and modern Infrastructures by ungleich.ch