All Benchmarks

V100 RustTURN Security Hardening

8 phases of post-quantum security upgrades wired into the V100 TURN server. Every credential signed with Dilithium. Every hash upgraded to SHA3-256. Every media packet validated for encryption.

March 5, 2026 — Ship Night

8
Security Phases Complete
844
Tests Passing
0
Test Failures
~60µs
Dilithium Sign (ExpandedSigner)

Hardening Phases

Phase 1: SHA3-256 Audit Chain
PQ-Safe

Replaced ring::SHA256 with sha3::Sha3_256 in the security audit log hash chain. Every audit entry now uses a post-quantum safe hash function.

Before
ring::digest::SHA256
After
sha3::Sha3_256
File
audit/mod.rs
Tests
10/10
Phase 2: STUN-Layer Rate Limiting
Done

DashMap-based per-IP token bucket rate limiter on the STUN/TURN hot path. Lock-free for zero contention on UDP packet processing.

Binding Limit
100/sec per IP
Allocate Limit
10/min per IP
Data Structure
DashMap (lock-free)
Tests
9/9
Phase 3: WebSocket Hardening
Done

Origin header validation, Bearer token authentication, payload size enforcement, and SDP size limits on the signaling WebSocket.

Origin Validation
Configurable allowlist
Auth
Bearer / ?token=
WS Payload Max
100 KB
SDP Max
64 KB
Phase 4: H33 PQ Credential Wiring
Dilithium

Every TURN allocation now receives a Dilithium-signed post-quantum credential. ExpandedSigner pre-computes NTT keys at startup for ~60µs signing (vs ~244µs cold). Fail-open: standard HMAC auth continues if H33 is unavailable.

Signing
ML-DSA-65 (Dilithium)
Latency
~60µs (ExpandedSigner)
Verification
0.085µs (cached ZKP)
Design
Fail-open
Phase 5: SRTP Enforcement
Done

All relay data paths now validate packets are encrypted (SRTP/SRTCP). Plaintext RTP is dropped. Conservative heuristic: STUN, DTLS, and unknown protocols pass through.

Validation
is_likely_srtp()
RTP Min Size
23 bytes (12 hdr + 1 + 10 auth)
RTCP Min Size
26 bytes
Tests
8/8
Phase 6: API Key SHA3-256
PQ-Safe

API key hashing upgraded from ring::SHA256 to SHA3-256. Resistant to Grover's algorithm quantum speedup on hash preimage.

Before
ring::digest::SHA256
After
sha3::Sha3_256
File
apikey/mod.rs
Tests
8/8
Phase 7: Dilithium Webhook Signatures
Dilithium

Webhook payloads now dual-signed: HMAC-SHA256 (backward compat) + Dilithium ML-DSA-65 (post-quantum). Customers verify with our public key — no shared secret leakage risk.

Primary Sig
Dilithium ML-DSA-65
Fallback Sig
HMAC-SHA256
Header
X-Webhook-Signature-PQ
Tests
26/26
Phase 8: STUN Nonce SHA3 Hardening
PQ-Safe

STUN nonces now derived from SHA3-256(timestamp || 16 random bytes). Prevents nonce prediction attacks that could bypass TURN authentication challenges.

Before
{hex_timestamp}-{uuid8}
After
SHA3-256(ts || random16)
Entropy
128 bits random
Hash
SHA3-256

Crypto Upgrade Map

Component Before After H33 Primitive
Audit chain hash SHA-256 (ring) SHA3-256 PQ sha3::Sha3_256
API key hashing SHA-256 (ring) SHA3-256 PQ sha3::Sha3_256
TURN credentials HMAC-SHA1 only Dilithium + ZKP PQ ExpandedSigner
Webhook signatures HMAC-SHA256 only Dilithium + HMAC PQ ExpandedSigner
ICE credentials HMAC only HMAC + PQ credential PQ H33CredentialService
STUN nonces timestamp-uuid SHA3-256 derived PQ sha3::Sha3_256
STUN rate limiting Generic per-IP Per-method DashMap buckets DashMap
Media relay Raw UDP forward SRTP-validated forward is_likely_srtp()
WebSocket auth None Origin + Bearer token

H33 Primitives Deployed

Primitive Source Usage in V100 Performance
Dilithium ExpandedSigner src/pqc/dilithium.rs Credential signing, webhook signing, relay attestation ~60µs/sign
SHA3-256 sha3 crate Audit hashing, API key hashing, STUN nonces, credential IDs <1µs
DashMap dashmap crate STUN rate limiter, ZKP proof cache, credential revocation 0.085µs/lookup
ZKP STARK Lookup src/zkp/zk_lookup.rs Credential authorization proofs (no PII in credential) 0.085µs cached
BFV FHE src/fhe/bfv.rs Encrypted session state, homomorphic billing counters ~1,109µs/batch
Kyber Hybrid src/pqc/hybrid.rs Domain separation (build_aad), token encryption ~50µs

Implementation Timeline

Phase 1 — 5 min
SHA3-256 Audit Fix
ring::SHA256 → sha3::Sha3_256 in audit chain. 10 tests pass.
Phase 2 — 30 min
STUN Rate Limiting
DashMap per-IP token buckets. Binding: 100/s, Allocate: 10/min. 9 tests pass.
Phase 3 — 45 min
WebSocket Hardening
Origin validation, Bearer auth, 100KB WS limit, 64KB SDP limit. 27 tests pass.
Phase 4 — 1.5 hr
H33 PQ Credential Wiring
ExpandedSigner in H33CryptoContext, Dilithium credentials on every allocation + ICE config. Fail-open.
Phase 5 — 45 min
SRTP Enforcement
is_likely_srtp() on all relay paths. 8 new tests. Plaintext RTP blocked.
Phase 6 — 5 min
API Key SHA3-256
API key hashing upgraded. 8 tests pass.
Phase 7 — 20 min
Dilithium Webhook Signatures
Dual-signed webhooks: Dilithium + HMAC-SHA256. X-Webhook-Signature-PQ header. 26 tests pass.
Phase 8 — 10 min
STUN Nonce SHA3
SHA3-256(timestamp || 16 random bytes). 128-bit entropy. Nonce prediction eliminated.

Test Results

498
Library Tests
238
Binary Tests
108
Integration Tests
0
Failures
cargo test -p v100-turn

844 passed; 0 failed; 0 ignored — finished in 5.73s

© 2026 H33 — Post-Quantum Security for Real-Time Communications

All Benchmarks · h33.ai