[anti-censorship-team] SCTP-Based Pluggable Transport Prototype

Alexander Mages magesalexander123 at gmail.com
Sat Sep 18 19:55:23 UTC 2021


Thanks for the feedback!

You are correct in assuming that sctPT uses SCTP in the most "TCP-like"
manner. This nullifies some of SCTP's features, but one-to-one SCTP seemed
more familiar at the time and thus was easier to implement.

I am relatively sure SCTP functionality exists in Go, but whether it is a
third-party library or a simple socket option is unbeknownst to me.

At the moment, I am not further pursuing this project's development, but
finding out whether SCTP has any utility in regard to censorship
circumvention appears to be an open question.

Thanks again,
Alex

On Tue, Sep 14, 2021 at 2:50 PM David Fifield <david at bamsoftware.com> wrote:

> On Thu, Aug 12, 2021 at 12:07:05PM -0500, Alexander Mages wrote:
> > The transport is functional but not yet tested with the Tor Browser. I
> > prototyped this transport using Ncat for SCTP and Telnet for TCP. It is
> > written in Python 3 and SCTP functionality was implemented using
> > C/POSIX-like socket parameters, removing the necessity of a third-party
> > library.
> >
> > A write-up attached to this email denotes functionality, dependencies,
> > limitations, and instructions for running the transport.
>
> Thanks for making this contribution. I was able to get it running with a
> few tweaks to the instructions (sent to you separately).
>
> SCTP adds an interesting design dimension, because there's a separate
> layer of streams within the overall TCP connection. As I understand it,
> the sctPT client takes an incoming TCP connection and proxies it forward
> as a single SCTP stream within a single SCTP connection. (This is how
> ncat --sctp works.) An alternative design would be for the sctPT client
> to establish a single connection to the sctPT server (it could do this
> even before receiving any client TCP connections) and then forward each
> incoming connection as a separate stream within that global connection.
> See the distinction between the "one-to-one style" and "one-to-many
> style" in https://linux.die.net/man/7/sctp.
>
> As you discovered, pyptlib is unmaintained. It used to be that the
> pluggable transports shipped with Tor Browser were written in Python,
> but Python proved difficult to deploy and today it's more common to use
> Go and goptlib. I am not sure whether it is possible to use SCTP sockets
> from Go, but if it is, you can probably easily adapt the "dummy" example
> transports from goptlib to use SCTP. (In the one-to-one style, at least;
> one-to-many style would require additional refactoring.) You would have
> to change the net.Dial("tcp") and net.ListenTCP("tcp") lines:
>
> https://gitweb.torproject.org/pluggable-transports/goptlib.git/tree/examples/dummy-client/dummy-client.go?h=v1.1.0#n45
>
> https://gitweb.torproject.org/pluggable-transports/goptlib.git/tree/examples/dummy-server/dummy-server.go?h=v1.1.0#n84
>
> > The concept for this transport was derived from this wiki page:
> > https://gitlab.torproject.org/legacy/trac/-/wikis/doc/PluggableTransports/ideas.
>
> I would like to add a link to your work from this page, but
> unfortunately since the change in wiki hosting from Trac to Gitlab, I am
> not able to edit the page. Maybe we can make a new page under the
> anti-censorship namespace.
>
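
The one-to-one design discussed in the thread above (one incoming TCP connection forwarded as one SCTP association), as an added example that is not sctPT's code and not part of the original messages. The function names, loopback addresses and payload are assumptions made for illustration, and `relay_once` returns `None` on a kernel without SCTP support.

```python
import contextlib
import socket

# IANA protocol number for SCTP; used if this Python build lacks the constant.
IPPROTO_SCTP = getattr(socket, "IPPROTO_SCTP", 132)

# Socket types for the two styles named in sctp(7).
SCTP_STYLES = {
    "one-to-one": socket.SOCK_STREAM,      # TCP-like: one association per socket
    "one-to-many": socket.SOCK_SEQPACKET,  # one socket carries many associations
}

def open_sctp(style="one-to-one"):
    """Return an SCTP socket of the given style, or None if the kernel lacks SCTP."""
    try:
        sock = socket.socket(socket.AF_INET, SCTP_STYLES[style], IPPROTO_SCTP)
    except OSError:
        return None
    sock.settimeout(3.0)
    return sock

def relay_once(payload):
    """Forward one TCP connection's bytes over one SCTP association (loopback only)."""
    with contextlib.ExitStack() as stack:
        sctp_srv = open_sctp()
        if sctp_srv is None:
            return None
        stack.enter_context(sctp_srv)
        sctp_srv.bind(("127.0.0.1", 0))  # hypothetical server side, ephemeral port
        sctp_srv.listen(1)
        tcp_listen = stack.enter_context(socket.create_server(("127.0.0.1", 0)))
        tcp_listen.settimeout(3.0)
        # Stand-in for the application that connects to the client side over TCP.
        app = stack.enter_context(
            socket.create_connection(tcp_listen.getsockname(), timeout=3.0))
        app.sendall(payload)
        tcp_in = stack.enter_context(tcp_listen.accept()[0])
        tcp_in.settimeout(3.0)
        data = tcp_in.recv(4096)
        # One incoming TCP connection becomes one SCTP association.
        sctp_out = stack.enter_context(open_sctp())
        sctp_out.connect(sctp_srv.getsockname())
        sctp_out.sendall(data)
        peer = stack.enter_context(sctp_srv.accept()[0])
        peer.settimeout(3.0)
        return peer.recv(4096)

if __name__ == "__main__":
    print(relay_once(b"constructed sample payload"))
```

Passing `"one-to-many"` to `open_sctp` yields the `SOCK_SEQPACKET` socket on which the alternative design would be built.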