-
Session Initialization:
init()function locks memory pages usingunix.Mlockall
Generates cryptographically-secure Session ID usingmemguard.NewEnclaveRandom
Establishes secure entropy source with kernel-level memory protection -
Quantum Key Exchange:
quantumKEMKeyPair()(liboqs-go) creates Kyber1024-90s keypair
Post-quantum key derivation using Argon2id with 64-byte salt (OWASP-standard parameters)
Session keys stored inmemguard.LockedBufferprotected by mlock/munlock -
Secure Session Pairing:
quantumEncapsulate()/quantumDecapsulate()implement NIST-standard KEM
Session ID binding through BLAKE2b-512 hash chaining
Mutual authentication via Dilithium5-AES signatures (PQ-safe FIPS 204 standard) -
Protected Data Transmission: Virtual keyboard integration prevents keylogging (X11 input isolation)
secureTransmission()uses XChaCha20-Poly1305 fromgolang.org/x/crypto
Memory-safe buffer handling with zero-copymemguard.Enclavesealing -
Session Termination:
memguard.Purge()implements NIST SP 800-88 memory sanitization
Kernel-level session invalidation viasyscall.MCL_FUTURElocking
Ephemeral key destruction using AES-CTR secure wipe patterns
Your Session ID:
Our Virtual Keyboard helps avoid hardware keyloggers. Right-click for secondary characters.
Virtual Keyboard (Right-click for secondary character)