Here is a trimmed abstract:
" [...] We have seen that censors have been able to do so [blocking Snowflake]
by fingerprinting the DTLS implementation that is produced by the
Pion library used by Snowflake. The aim of this thesis is to reduce the
distinguishability of said DTLS library. We developed a tool named dfind [1]
for analyzing and finding passive field-based fingerprints of DTLS. This
tool was validated using a data set with known fingerprints, and found that
the extensions field was especially vulnerable for identification. To combat
such fingerprints, we implemented covertDTLS [2], a Go library inspired
by uTLS. Our module extends the Pion DTLS library with handshake
hooking to offer mimicry and randomization features. To ensure that
mimicking remains up-to-date, we developed a novel continuous delivery
workflow for generating fresh DTLS-WebRTC handshakes from popular
browsers. Using covertDTLS with Snowflake resulted in us not being able
to find any fingerprints."
[1]: https://github.com/theodorsm/dfind
[2]: https://github.com/theodorsm/covert-dtls

I have only tested covertDTLS in a messy fork of Snowflake, which had promising
results. I am currently working on upgrading the Pion DTLS and WebRTC version
In addition, I plan to condense my thesis into a paper, thus making the work more
accessible. I would greatly appreciate any feedback on the thesis so that I can
address those in the paper. I am also open to collaborating on the paper,