*** Sagar Acharya [2023-10-14 13:17]:
>So, a network which before transmitting a packet, encrypts it with the
>recipients' public key and broadcasts it with recipients id as header, say
>like,

Pay attention that using asymmetric cryptography is a pretty CPU-consuming task. Using it for each IP packet (or TCP segment, UDP datagram, whatever) is pretty harsh. Moreover, if you use a modern ECC-based algorithm like curve25519 (that is magnitudes faster than RSA for example, and has pretty compact public keys), then take into account that it cannot "encrypt" data, but only exchange/derive the shared key between the sender and recipient, so you will have to send an ephemeral public key with each packet, which will also take at least 32 bytes more of the payload. Like "crypto_box" of NaCl does: https://nacl.cr.yp.to/box.html

So if you want usable efficiency, in general you have to do some kind of handshake, to share the common cryptographic state, and then use efficient symmetric cryptography further, like nearly all transport protocols do.

Maybe something like Yggdrasil would be interesting to you: https://yggdrasil-network.github.io/

Each peer has its own public/private keypair and the corresponding IPv6 address (from 200::/7 space) is derived from the public key. So you can directly communicate with the peer knowing that address in advance. Yggdrasil implementations can discover each other over the multicast IP network (Ethernet/WiFi) without any additional configuration, transparently building the meshed interconnected overlay network. Basically no configuration is required (IPv6 link-local addresses should always be present on network interfaces, link-scope multicast packets will find Yggdrasil-capable nodes nearby) and you can transparently communicate with each node by its 200::/7 IPv6 address.

-- 
Sergey Matveev (http://www.stargrave.org/)
OpenPGP: 12AD 3268 9C66 0D42 6967 FD75 CB82 0563 2107 AD8A
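
The per-packet scheme discussed in the reply above, as an added example that is not part of the original message: a pure-Python X25519 (following RFC 7748) where every packet carries a fresh ephemeral public key. The function names are hypothetical, and the SHAKE-256 keystream with a truncated HMAC tag is an assumed stand-in for a real AEAD so the block needs only the standard library.

```python
import hashlib, hmac, os

P, A24 = 2**255 - 19, 121665
BASE = (9).to_bytes(32, "little")  # curve25519 base point u=9

def x25519(k: bytes, u: bytes) -> bytes:
    """RFC 7748 Montgomery ladder. Not constant-time: illustration only."""
    s = bytearray(k); s[0] &= 248; s[31] = (s[31] & 127) | 64  # clamp scalar
    n = int.from_bytes(s, "little")
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (n >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b, c, d = (x2 + z2) % P, (x2 - z2) % P, (x3 + z3) % P, (x3 - z3) % P
        da, cb, aa, bb = d * a % P, c * b % P, a * a % P, b * b % P
        e = (aa - bb) % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def keypair():
    sk = os.urandom(32)
    return sk, x25519(sk, BASE)

def _packet_key(shared, epk, rpk):
    return hashlib.sha256(shared + epk + rpk).digest()

def _xor(key, data):  # toy stream cipher, stand-in for a real AEAD
    ks = hashlib.shake_256(b"enc" + key).digest(len(data))
    return bytes(x ^ y for x, y in zip(data, ks))

def seal_packet(rpk: bytes, payload: bytes) -> bytes:
    """Stateless mode: one X25519 keygen + one DH per packet, epk sent in clear."""
    esk, epk = keypair()
    key = _packet_key(x25519(esk, rpk), epk, rpk)
    ct = _xor(key, payload)
    return epk + ct + hmac.new(key, epk + ct, "sha256").digest()[:16]

def open_packet(rsk: bytes, rpk: bytes, packet: bytes) -> bytes:
    epk, ct, tag = packet[:32], packet[32:-16], packet[-16:]
    key = _packet_key(x25519(rsk, epk), epk, rpk)
    if not hmac.compare_digest(tag, hmac.new(key, epk + ct, "sha256").digest()[:16]):
        raise ValueError("authentication failed")
    return _xor(key, ct)
```

Each packet costs the sender two scalar multiplications and the receiver one, plus 32 bytes for the ephemeral key; a one-time handshake followed by symmetric encryption avoids paying that on every packet.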