<div dir="ltr">Hi Marc,<div><br></div><div>Thanks for doing this work, I'm excited to see what you learn this summer.</div><div><br></div><div>However, I'm a bit confused by statements like: "<span style="font-size:13px;color:rgb(0,0,0);font-family:arial,sans-serif">The idea is to implement a set of primitives that </span><span style="font-size:13px;color:rgb(0,0,0);font-family:arial,sans-serif">any link padding-based defense would benefit [from]."</span></div>
<div><span style="font-size:13px;color:rgb(0,0,0);font-family:arial,sans-serif"><br></span></div><div><span style="font-size:13px;color:rgb(0,0,0);font-family:arial,sans-serif">Can you provide </span>a high-level diagram that explains where your work will live in the network stack? (Doesn't need to be fancy, even a pencil+paper diagram scanned.) Specifically, is it your goal to build a link-padding PT that's composable with other PTs?</div>
<div><div><br></div><div>-Kevin</div></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Fri, May 30, 2014 at 9:05 AM, Marc Juarez <span dir="ltr"><<a href="mailto:Marc.JuarezMiro@esat.kuleuven.be" target="_blank">Marc.JuarezMiro@esat.kuleuven.be</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">-----BEGIN PGP SIGNED MESSAGE-----<br>
Hash: SHA1<br>
<br>
Hi all,<br>
<br>
I am a GSoC student working in a new PT for the development of future<br>
Website Fingerprinting countermeasures in Tor.<br>
<br>
The PT is not targeting any specific defense, but to link padding<br>
defenses in general. The idea is to implement a set of primitives that<br>
any link padding-based defense would benefit of.<br>
<br>
In this email I provide a more detailed description of these primitives<br>
and give a short update about their state. I forked the obfsproxy repo<br>
and made it publicly available in bitbucket:<br>
<br>
<a href="https://bitbucket.org/mjuarezm/obfsproxy-wfpadtools" target="_blank">https://bitbucket.org/mjuarezm/obfsproxy-wfpadtools</a>.<br>
<br>
I would appreciate comments from the Tor development community. I'm<br>
specially looking for advices that help me generalizing the padding<br>
module (padutils) and comments about the primitives I describe below.<br>
<br>
The envisaged primitives are:<br>
<br>
1. A general padding class that provides methods to pad the link<br>
<br>
This part is almost finished. For that I reused the Scramblesuit's<br>
probdist and fifobuffer modules to buffer and flush data according to a<br>
given probability distribution.<br>
<br>
Using this class I have implemented a simple version of BuFLO (which is<br>
also included in the padutils module).<br>
<br>
2. Create a framing layer for the PT<br>
<br>
This layer would allows to signal padding messages so that they can be<br>
filtered out. I have to implement the protocol's message scheme so I can<br>
parse the flags in the header and get rid of the padding messages.<br>
<br>
3. Implement the state machine of the basic padding protocol.<br>
<br>
BuFLO assumes that there exists a mechanism to detect the beginning and<br>
end visits. I would implement this using a new state in the protocol's<br>
state machine (ST_VISITING), but I still need to find a way to signal<br>
the beginning and the end of each visit.<br>
<br>
4. Implement the protocol's handshake.<br>
<br>
I took a look to the Scramblesuit's handshake.The handshake of this<br>
protocol would boil down to the negotiation of the parameters (e.g.,<br>
probability distributions) for the padding.<br>
<br>
5. Implement a flow control protocol<br>
<br>
This would adjust the padding parameters while running. The fifobuffer<br>
we are currently using helps queuing the messages but we will need an<br>
extra logic to detect congestion.<br>
<br>
6. Padding operations<br>
<br>
We will implement padding operations that might be handy for the future<br>
countermeasure. For example, one possible operation could be to specify<br>
the number of cells to send in response to a padding cell request.<br>
<br>
7. A module to test protection against Website Fingerprinting<br>
<br>
This module would leverage the Peekaboo's framework by Dyer et al. (we<br>
may consider to extend it to include the newest Website Fingerprinting<br>
attacks).<br>
<br>
Best,<br>
- --<br>
marc<br>
-----BEGIN PGP SIGNATURE-----<br>
Version: GnuPG v1.4.11 (GNU/Linux)<br>
Comment: Using GnuPG with Thunderbird - <a href="http://www.enigmail.net/" target="_blank">http://www.enigmail.net/</a><br>
<br>
iQEcBAEBAgAGBQJTiKxFAAoJEGfJ5xfgazlxw70H/1EbzYOuhLwDe5xdLiz/Pn3z<br>
UrXV+GCPG+Wa3SiQOFqCqSKn9D/E0dwLLZKcG/zE9F8wZeSbtjlDIBn4NNUwMzz3<br>
XMfCHcohxLHtKFwhTncHkTvEn6ZI1IzAUn1wCHdNWVGoTfVVuY5RtNKF0F0IxBBf<br>
IE1mEFoM1wKzmQIFvB/MkPlLo65Ilhwv20GHgqGwDpKXYwBROBHR7CLn29oL/GB8<br>
lZWVm0ZeDB0wtqjdPqxh9g2nEoxQR83BzJHeos+fue1onnZw+L23gbzfIvznjuL5<br>
47Yed3T4l1q1k1i56G96/CoBIFlBboKfz5WhJ0dnDz2p4s996BNNIazxNybenjU=<br>
=5LGv<br>
-----END PGP SIGNATURE-----<br>
_______________________________________________<br>
tor-dev mailing list<br>
<a href="mailto:tor-dev@lists.torproject.org">tor-dev@lists.torproject.org</a><br>
<a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev" target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev</a><br>
</blockquote></div><br></div>