[MaraDNS list] MaraDNS now has funding

david sevilla dsevilla00 at hotmail.com
Sun Apr 1 21:17:39 EDT 2012 

HOLY cow, congratulations and keep up the good work.

-----Original Message-----

From: Sam Trenholme
Sent: 2 Apr 2012 00:17:15 GMT
To: MaraDNS support mailing list
Subject: [MaraDNS list] MaraDNS now has funding

MaraDNS now has funding
I am very pleased to let the community of MaraDNS users know that I
have gotten a $1,048,576 USD grant from an anonymous donor. In light
of this, I will be able to implement some features I have been meaning
to implement in MaraDNS.

== DNSSEC and DNSCurve ==

First of all, this funding will give me a chance to fully implement
DNSSEC and DNSCurve. Due to the amount of code that needs to be
written, I will hire Dan Kaminsky to help me implement the DNSSEC
code, as well has contracting Daniel J. Bernstein to write the
DNSCurve code.

The code will be in separate modules and I hope it will be possible to
compile MaraDNS and Deadwood with both DNSSEC and DNSCurve support at
the same time; this is a logistical issue we will work out.

== Random number generator ==

In addition to contracting Daniel J. Bernstein to write the DNSCurve
code, I will also bring in Guido Bertoni, Joan Daemen, Michael
Peeters, and Gilles Van Assche who will work with Bernstein in
implementing a high-speed cryptographic block cipher with a 1024-bit
block size on 32-bit platforms, a 2048-bit block size on 64-bit
platforms, a 4096-bit block size on 128-bit platforms, as well as a
1152-bit block size on 36-bit platforms for our substantial number of
users who run MaraDNS and Deadwood on PDP-10s.

This block cipher primitive will be used in a sponge mode of operation
as a pseudo-random number generator for Deadwood.

We will also research making a hash compression primitive for 32-bit,
36-bit, 64-bit, and 128-bit platforms which is both very fast and
cryptographically secure from collisions as long as our attacker
doesn't know the primitive's randomly generated secret number.

== Other plans ==

I was hoping to be able to implement a 20nm 128-bit version of the
6502 processor with memory management and protected mode, as well as a
series of op codes to make processing DNS packets faster (such as
FINDDNSLABEL). Unfortunately, my anonymous donor will not give me the
$5 billion grant needed to implement this processor until our team
successfully implements DNSSEC, DNSCurve, as well as the
large-block-size cipher, not to mention the secure hash compressor.

This should all be done within a year, and I will then be able to get
a larger grant. I will let people know what that grant will let us do
a year from today, on Monday, April 1, 2013.

More information about the list mailing list