[MaraDNS list] MaraDNS now has funding

David Kowis dkowis at shlrm.org
Sun Apr 1 21:17:39 EDT 2012 

+1 internets

Well done :)

On 4/1/2012 7:17 PM, Sam Trenholme wrote:
> MaraDNS now has funding
> I am very pleased to let the community of MaraDNS users know that I
> have gotten a $1,048,576 USD grant from an anonymous donor. In light
> of this, I will be able to implement some features I have been meaning
> to implement in MaraDNS.
> 
> == DNSSEC and DNSCurve ==
> 
> First of all, this funding will give me a chance to fully implement
> DNSSEC and DNSCurve. Due to the amount of code that needs to be
> written, I will hire Dan Kaminsky to help me implement the DNSSEC
> code, as well has contracting Daniel J. Bernstein to write the
> DNSCurve code.
> 
> The code will be in separate modules and I hope it will be possible to
> compile MaraDNS and Deadwood with both DNSSEC and DNSCurve support at
> the same time; this is a logistical issue we will work out.
> 
> == Random number generator ==
> 
> In addition to contracting Daniel J. Bernstein to write the DNSCurve
> code, I will also bring in Guido Bertoni, Joan Daemen, Michael
> Peeters, and Gilles Van Assche who will work with Bernstein in
> implementing a high-speed cryptographic block cipher with a 1024-bit
> block size on 32-bit platforms, a 2048-bit block size on 64-bit
> platforms, a 4096-bit block size on 128-bit platforms, as well as a
> 1152-bit block size on 36-bit platforms for our substantial number of
> users who run MaraDNS and Deadwood on PDP-10s.
> 
> This block cipher primitive will be used in a sponge mode of operation
> as a pseudo-random number generator for Deadwood.
> 
> We will also research making a hash compression primitive for 32-bit,
> 36-bit, 64-bit, and 128-bit platforms which is both very fast and
> cryptographically secure from collisions as long as our attacker
> doesn't know the primitive's randomly generated secret number.
> 
> == Other plans ==
> 
> I was hoping to be able to implement a 20nm 128-bit version of the
> 6502 processor with memory management and protected mode, as well as a
> series of op codes to make processing DNS packets faster (such as
> FINDDNSLABEL). Unfortunately, my anonymous donor will not give me the
> $5 billion grant needed to implement this processor until our team
> successfully implements DNSSEC, DNSCurve, as well as the
> large-block-size cipher, not to mention the secure hash compressor.
> 
> This should all be done within a year, and I will then be able to get
> a larger grant. I will let people know what that grant will let us do
> a year from today, on Monday, April 1, 2013.
> 
> !DSPAM:2,4f78f009135232628239487!
>

More information about the list mailing list