commit fff52d137c564b5966ff971cbe5ad94afea750ef Author: George Kadianakis desnacked@riseup.net Date: Thu Jan 12 15:27:19 2012 +0200

Update README and remove the philosophical threat model. --- README | 20 +++----- doc/THREAT_MODEL_PHILOSOPHICAL | 99 ---------------------------------------- 2 files changed, 7 insertions(+), 112 deletions(-)

diff --git a/README b/README index b69b65c..ef5ad93 100644 --- a/README +++ b/README @@ -1,17 +1,11 @@ -This doesn't work yet. +obfsproxy: a pluggable transports proxy

-It requires OpenSSL 0.9.7 or later. (I would require 0.9.8, but that would -break OSX 10.5.) +obfsproxy is a pluggable transports proxy written in C. It's compliant +to the Tor pluggable transports specification, and its modular +architecture allows it to support multiple pluggable transports.

-It requires Libevent 2.0 or later. +To build obfsproxy from source: + ./autogen.sh && ./configure && make

-See doc/protocol-spec.txt for the protocol design. It is based on brl's -obfuscated openssh protocol. +See doc/ for more obfsproxy information.

-See doc/TODO for open tasks. - -This project might get renamed to "twobfuscate", depending. - -Happy hacking! - - -- nickm diff --git a/doc/THREAT_MODEL_PHILOSOPHICAL b/doc/THREAT_MODEL_PHILOSOPHICAL deleted file mode 100644 index d67af1b..0000000 --- a/doc/THREAT_MODEL_PHILOSOPHICAL +++ /dev/null @@ -1,99 +0,0 @@ - Role of this document - -The role of this document is to give a clear image of what obfs2 -provides to a censored Tor user. -The role of this document is *not* to describe the censorship ecosystem, -or to analyze the full threat model of Tor. - - Terminology -* Censorship: - 'Censorship is the suppression of speech or other public - communication which may be considered objectionable, harmful, - sensitive, or inconvenient to the general body of people as - determined by a government, media outlet, or other controlling - body.' -* Anonymity - Anonymity is the state of an individual's personal identity being - publicly unknown. Anonymity does not imply Privacy. -* Tor - Tor is a software system and a computer network intended to provide - online anonymity. It's main application is 'tor'. -* Privacy - Privacy is used to prevent the disclosure of information to - unauthorized individuals or systems. Privacy does not imply - Anonymity. -* Tor bridge - A Tor bridge is a component of the tor network that is not publicly - announced as part of it. It's main purpose is Censorship - circumvention since finding and blocking a bridge is considered - non-trivial. -* obfsproxy - obfsproxy is an application that accepts data as input and can - reshape it into another form. - When used with tor, it can transform tor's traffic into other - protocols in the hope of dodging Censorship. -* obfs2 - obfs2 is a protocol supported by obfsproxy. It shapes data by - encrypting them with a stream cipher with a randomly generated - key. It also supports pre-shared passwords. - - Players: -* Censored tor/obfsproxy user: - A censored tor/obfsproxy user is an Internet user that is censored - by 'A Man In The Middle'. He wants to use tor to achieve anonymity, - but he also needs privacy, to hide the fact that he is using Tor. -* Bridge Operator: - A bridge operator is a person who runs a tor bridge and has - successfully given to the 'Censored tor/obfsproxy user' the necessary - information so that the latter can access the bridge service. -* A Man In The Middle (MITM): - A MITM is a person or a group of people who have the power to - apply Censorship. - - What Tor does and does not provide: - -Once he is a member of the Tor network a censored Tor user can expect -low-latency anonymity. A Tor user can also expect Privacy with regards -to A Man In The Middle, when he is a member of the Tor network. - -The problem is that before and while becoming a member of the Tor -network the user is *not* anonymous and his communications with the -Tor network are *not* private. This allows A Man In The Middle to -identify the Tor user and censor him/her. - - What obfs2 does and does not provide: - -A Tor user using obfs2 with a Tor Bridge *without* a pre-shared password -can expect low quality privacy on his communications with the Tor -network before becoming part of it. -'low quality privacy' means that A Man In The Middle who has studied -the obfs2 protocol can easily decipher it, effectively extinguishing -the privacy. - -A Tor user using obfs2 with a Tor Bridge *with* a pre-shared password -can expect modest privacy on his communications with the Tor network -before becoming part of it. -'modest privacy' means that A Man In The Middle who has studied the -obfs2 protocol should not be able to decipher it. -Still one should know that: -* Because of the nature of the protocol, it is susceptible to offline - password cracking attacks. -* It is the responsibility of the user and the bridge operator to - decide upon a strong pre-shared password. - -After becoming part of the Tor network, the user is considered -anonymous and his communication private, with regards to A Man In The -Middle, under normal circumstances. - -Since the realm of anti-censorship is quite young and -not well studied, the obfs2 user should be aware that there are known -and unknown attacks that can potentially identify obfs2 and can be -deployed by A Man In The Middle. Known attacks like that include -entropy counting and timing attacks. - -Additionally, a Tor user using obfs2 with a Tor bridge must *not* -expect additional entity authentication, data integrity, availability -or deniability. - -Finally, a Tor user using obfs2 with a Tor bridge must *not* expect -protection from flows of the Tor protocol.