[tor-bugs] #22945 [Obfuscation/Snowflake]: End-to-end confidentiality for Snowflake client registrations
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Jul 15 21:29:35 UTC 2017
#22945: End-to-end confidentiality for Snowflake client registrations
---------------------------------------+-----------------
Reporter: dcf | Owner:
Type: enhancement | Status: new
Priority: Medium | Milestone:
Component: Obfuscation/Snowflake | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
---------------------------------------+-----------------
Client requests sent to the /client broker endpoint use TLS to the front
domain, and TLS from the front to the broker, but the fronting service
itself (e.g. App Engine) can inspect them in plaintext. The fronting
service unavoidably gets to learn the IP addresses of clients, but we
could encrypt the additional metadata that appears in the registration
messages.
I was thinking of giving the broker a private key and wrapping client
registrations in a [https://godoc.org/golang.org/x/crypto/nacl/box NaCl
box].
This is roughly how it worked in flash proxy. The facilitator had a
private RSA key, and client registration methods were encrypted before
being posted to the facilitator.
https://gitweb.torproject.org/flashproxy.git/tree/facilitator/facilitator.cgi?id=1.4#n60
The actual key material was isolated into a facilitator-reg-daemon process
that was separated from the web server and facilitator CGI:
https://gitweb.torproject.org/flashproxy.git/tree/facilitator
/facilitator-reg-daemon?id=1.4
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22945>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list