Secure. Zero-Allocation. Quantum-Ready Concepts.
Aether is an experimental, research-grade network protocol designed for Secure Drone Swarms, IoT Grids, and Critical Infrastructure.
It replaces traditional AES encryption with Chaos Theory (Lorenz/Sine Maps) accelerated by AVX-512 intrinsics, ensuring microsecond-latency security.
Aether is built on a "Zero-Allocation" philosophy. It uses System.IO.Pipelines to process network streams without unnecessary memory copying, making it ideal for high-throughput scenarios.
Aether combines standard elliptic curve cryptography with chaos theory:
- Authentication (Handshake): Uses ECDH (NIST P-256) to establish a secure channel. No keys are ever transmitted over the network; only public parameters are exchanged.
- Encryption (Transport): Once the Shared Secret is derived, Aether switches to Chaotic Stream Cipher mode.
- Chaos Seeding: The chaotic map (e.g., Sine Map) is seeded using
HMAC-SHA256(SharedSecret + IV).
sequenceDiagram
participant Client
participant Network
participant Server
Note over Client, Server: 1. Secure Handshake (ECDH)
Client->>Network: Send Client Public Key
Network->>Server: [Packet: Handshake]
Server->>Server: Derive Shared Secret
Server->>Network: Send Server Public Key
Network->>Client: [Packet: Handshake]
Client->>Client: Derive Shared Secret
Note over Client, Server: 2. Chaos-Encrypted Tunnel Established
Client->>Client: Generate IV & Chaos Stream
Client->>Client: XOR Data with Chaos Stream
Client->>Network: [Header + IV + EncryptedPayload]
Network->>Server: TCP Stream
Server->>Server: Re-generate Chaos Stream (using Secret+IV)
Server->>Server: Decrypt Payload (XOR)
Aether uses a custom binary protocol optimized for parsing speed.
| Offset | Field | Size | Type | Description |
|---|---|---|---|---|
| 0 | Magic | 4 B | uint |
Protocol signature (0x41455448 - "AETH") |
| 4 | Type | 1 B | enum |
Packet Type (0x01: Handshake, 0x02: Data) |
| 5 | Length | 4 B | int |
Size of the Payload |
| 9 | IV | 16 B | byte[] |
Initialization Vector (Salt for Chaos Engine) |
| 25 | Payload | N | byte[] |
ECDH Public Key or Encrypted Data |
- .NET 10 SDK (LTS) or higher.
- CPU with AVX2 support (AVX-512 recommended for maximum chaos throughput).
Aether depends on the custom ChaoticEngine library. For ease of use, the package and a configuration file are included in this repository.
- Clone the repository:
git clone https://github.com/umitkrkmz/Aether.git
cd Aether- Restore and Build: The included
nuget.configwill automatically locate theChaoticEnginepackage in the./LocalPackagesdirectory.
dotnet build -c ReleaseRunning the CLI Aether comes with a built-in CLI tool for testing the grid.
- Start the Server (Listener)
dotnet run --project src/Aether.CLI
# Select [S] in the menu- Start the Client (Sender) Open a new terminal:
dotnet run --project src/Aether.CLI
# Select [C] in the menu
# Enter Server IP (Default: 127.0.0.1)Using the Aether Networking API in your own projects:
using Aether.Networking;
// --- SERVER SIDE ---
var server = new AetherServer(port: 5000);
await server.StartAsync(); // Starts listening and handling ECDH handshakes
// --- CLIENT SIDE ---
using var client = new AetherClient();
await client.ConnectAsync("127.0.0.1", 5000);
// The client automatically performs the handshake on connect.
// Now we can send secure data:
byte[] secretPlans = File.ReadAllBytes("plans.topsecret");
await client.SendDataAsync(secretPlans); // Encrypted with Chaos EngineThis protocol is engineered for scenarios where standard SSL/TLS is too heavy or where "Moving Target Defense" (Chaos) is required.
-
Drone Swarm Communication: Lightweight encryption for UAVs communicating in a mesh.
-
IoT Grids: Secure command & control for embedded devices.
-
Steganography Transport: Future versions will support embedding encrypted packets into image/audio streams.
This is a research project. While it implements standard ECDH for key exchange, the Chaos-based encryption is an experimental implementation demonstrating the performance capabilities of the ChaoticEngine library. It is not intended to replace TLS 1.3 in banking applications (yet).