DEV Community

Vibhanshu Garg
Vibhanshu Garg

Posted on

๐Ÿ”’ Inside MemCloudโ€™s Secure Peer Authentication: How Devices Safely Share RAM Over LAN

#memcloud #rampooling #programming #rust

When I released MemCloud (a distributed RAM engine for macOS & Linux), the biggest question I got was:

โ€œIsnโ€™t letting other devices store your RAM risky? How is it secured?โ€

So hereโ€™s a deep-dive into the authentication, encryption, and trust model behind MemCloud โ€” written for engineers who love protocols, threat models, and cryptographic design.

This post focuses purely on the Security & Authentication layer.

(If you're new to MemCloud, see the intro blog โ€” this assumes familiarity.)

๐Ÿงฉ Threat Model

Before designing the protocol, I outlined real-world LAN threats:

Threat Example
Impersonation Rogue device pretends to be a trusted peer
MITM Attack Attacker intercepts or mutates handshake traffic
Replay Attack Reusing old handshake messages
Unauthorized Memory Access Device silently joins the cluster
Session Hijacking Stealing or predicting traffic keys

MemCloudโ€™s protocol addresses all of them.

๐Ÿ›‚ 1. Persistent Identity Keys (Ed25519)

Every device has a long-term identity keypair:

~/.memcloud/identity_key
Enter fullscreen mode Exit fullscreen mode
  • Ed25519 (fast + secure)
  • Only used to sign handshake transcripts
  • Never used for encryption

This behaves like a device certificate without the complexity of PKI.

๐Ÿ” 2. Noise-Style Handshake (XX Pattern)

MemCloud uses an authentication flow inspired by the Noise Protocol Framework โ€” specifically Noise_XX, chosen because:

  • Both sides begin unauthenticated
  • Supports Trust-On-First-Use (TOFU)
  • Offers mutual authentication
  • Ensures forward secrecy

Simplified handshake:

A โ†’ B : eA, nonceA
B โ†’ A : eB, nonceB
A โ†’ B : identity proof (encrypted)
B โ†’ A : identity proof (encrypted)
Enter fullscreen mode Exit fullscreen mode

Where eA and eB are ephemeral X25519 public keys.

๐Ÿ“œ 3. Transcript Hashing

Every handshake message is hashed into a transcript:

H = Hash(H || message)
Enter fullscreen mode Exit fullscreen mode

This prevents:

  • Replay attacks
  • Downgrade attacks
  • Cross-session confusion
  • MITM tampering

The transcript is later fed into key derivation.

๐Ÿงพ 4. Encrypted Identity Proofs

Once ephemeral keys are exchanged, both sides compute:

shared_secret = DH(eA, eB)

Using this encryption key, each device sends:

signature = Sign(TranscriptHash, IdentityKey)

This signature:

  • is encrypted
  • is bound to the transcript
  • cannot be replayed
  • proves identity with forward secrecy

If signature verification fails โ†’ connection closed immediately.

๐Ÿ”‘ 5. Session Key Derivation (HKDF)

Final traffic keys are derived using:

session_key = HKDF(shared_secret + transcript_hash)

Properties:

โœ” Unique keys per session

โœ” Handshake keys โ‰  traffic keys

โœ” Forward secrecy (ephemeral DH)

โœ” Resistant to key compromise

Traffic encryption uses:

ChaCha20-Poly1305 AEAD

Perfect for high-speed LAN communication.

๐Ÿ‘ 6. Trust-On-First-Use (TOFU)

Requesting device:
Requesting device flow of consent
On first contact, the user must explicitly approve the peer:

Peer device authenticating the request access

Trusted peers are stored in:
~/.memcloud/trusted_devices.json

Future connections:

  • Still cryptographically authenticated
  • Skip interactive approval
  • Cannot be silently spoofed or replaced

๐Ÿšซ What Happens When Auth Fails?

MemCloud rejects the session if:

  • identity signature fails
  • transcript mismatch occurs
  • handshake is malformed
  • device is untrusted
  • the consent layer blocks authorization

Rejected peers cannot:

  • read your RAM
  • receive block data
  • join the cluster
  • impersonate a previous peer

๐Ÿ” Why Not TLS?

TLS is powerful, but not ideal for a P2P LAN memory engine.

โŒ Requires PKI or certificate distribution

MemCloud is designed to be zero-config.

โŒ Not optimized for TOFU

Noise is.

โŒ More overhead for LAN P2P

MemCloud aims for sub-10ms latency.

โœ” Noise-style handshake advantages:

  • Mutual authentication
  • Identity hiding
  • Forward secrecy
  • TOFU support
  • Lightweight binary protocol
  • Perfect for peer-to-peer systems

๐Ÿงช Fuzzing & Attack Testing

I tested the handshake against:

Attack Attempt Result
Replay Blocked via transcript mismatch
MITM Blocked (identity proof mismatch)
Impersonation Blocked (signature invalid)
Downgrade attempt Impossible
Payload tampering Blocked (MAC failure)

So far the protocol has held up extremely well in real-world LAN conditions.

๐Ÿ›  Security Roadmap

Planned improvements:

  • ๐Ÿ”„ Trust revocation broadcasting
  • ๐Ÿ–ฅ GUI trust manager
  • ๐Ÿ›ก Optional hardware-backed identity keys
  • ๐Ÿ” Session resumption
  • ๐Ÿ“ฆ Encrypted replication across peers

Contributors welcomed.

๐Ÿ“ฆ Source Code

๐Ÿ‘‰ Authentication Code: /memnode/src/net/auth

๐Ÿ‘‰ Main Repo: https://github.com/vibhanshu2001/memcloud

๐Ÿ‘‰ Documentation: https://memcloud.vercel.app/docs/cli
๐Ÿ‘‰ CLI Trust Manager: memcli trust

โค๏ธ Final Thoughts

MemCloud may look simple on the surface:

โ€œDevices sharing RAM over LAN.โ€

But underneath is a carefully engineered secure protocol designed to make that actually safe.

If you'd like a follow-up on the:

  • P2P binary protocol
  • memory isolation model
  • quota enforcement
  • zero-copy streaming design

Just let me know!

Top comments (0)