SigmaVPN is simple, light-weight and modular VPN software for UNIX systems, deploying the NaCl encryption library. It's easy to configure, has low overheads and is reliable.
The nacltai protocol, as seen in QuickTun, employs the strong curve25519xsalsa20poly1305 public key encryption scheme provided by the NaCl library. It has a time-based nonce, which provides built-in resistance against replay attacks and removes the requirement for session rekeying.
- libsodium Cryptographic Library, now used in SigmaVPN in C
- NaCl Networking and Cryptography Library, the original implementation of the crypto
- JNaCl, our Java port of the necessary NaCl primitives for SigmaVPN for Android
SigmaVPN's nacltai protocol is stateless, and as a result, is not subject to "broken" or "dropped" tunnels. Packets are encrypted and sent only as and when they are required. Negotiation-less static configuration makes it harder to identify a SigmaVPN tunnel through packet filtering.
At only a few hundred lines of code, SigmaVPN is simple and effective, running a single tunnel in less than a single megabyte of RAM. The modular design means that new interfaces and encryption schemes can easily be written and "plugged in" to SigmaVPN, and can be ported to new operating systems and embedded devices easily.
SigmaVPN ventures into the mobile realm. You can now establish point-to-point tunnels on your Android 4.0 (or later) device with the native Android application, with automatic WiFi/3G handover and battery life optimisations.