Calls:

Send in your ideas. Deadline August 1st, 2020.

 


Help grow the future

Your donations make a difference:
Donate today or Help fundraising



Vita

Last update: 2018/02/01

Vita

[Vita -- concluded on 2019/05/01]

VPN technology is a key enabler for end user security in insecure environments. Vita aims to achieve high performance (beyond 10G speeds) on commodity server hardware. Vita is intended to be both simple in terms of code, as well as in terms of deployment, and non-invasive to deploy in existing networks. Vita also strives to be affordable, in terms of both energy footprint and cost of maintenance: its goal is to make the best possible use of commodity hardware while remaining easy to deploy safely./p>

Vita components

Features:

  • Runs on commodity hardware
  • Implements IPsec for IPv4, specifically IP Encapsulating Security Payload (ESP) in tunnel mode (audit needed)
  • Uses optimized AES-GCM 128-bit encryption based on a reference implementation by Intel for their AVX2 (generation-4) processors
  • Suitable for 1-Gigabit, 10-Gigabit (and beyond?) Ethernet
  • Automated key exchange and rotation, with perfect forward secrecy (PFS) (audit needed)
  • Dynamic reconfiguration (update routes while running)
  • Strong observability: access relevant statistics of a running Vita node

Vita is supported by NLnet and the Internet Hardening Fund.