[tor-bugs] #29077 [Obfuscation/meek]: uTLS for meek-client camouflage
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Jan 22 05:57:17 UTC 2019
#29077: uTLS for meek-client camouflage
------------------------------+---------------------
Reporter: dcf | Owner: dcf
Type: enhancement | Status: new
Priority: Medium | Milestone:
Component: Obfuscation/meek | Version:
Severity: Normal | Resolution:
Keywords: moat utls | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
------------------------------+---------------------
Comment (by dcf):
Yeah I did some tests today with `HelloRandomizedNoALPN`, 400 trials
against each of 3 servers.
||||=**ajax.aspnetcdn.com** =||
|| 284||no error ||
|| 80||remote error: tls: handshake failure ||
|| 36||tls: server selected unsupported group ||
||||=**golang.org** =||
|| 335||no error ||
|| 65||remote error: tls: handshake failure ||
||||=**www.cloudflare.com** =||
|| 400||no error ||
`HelloRandomizedNoALPN` [https://github.com/refraction-networking/utls/blob/a89e7e6da482a5a0db02578fc606ace9ccfbea62/u_parrots.go#L557-L564 unconditionally includes]
sec256r1 and sec384r1, but it doesn't seem to
cause a problem unless it also happens to choose TLSv1.3 (which
`Firefox_60` always does). 100% of the failures used a fingerprint with
TLSv1.3, while only 28% of the successes did. I haven't dug deeper to see
what the difference between the success and failure TLSv1.3 handshakes is.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29077#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
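Comparing the TLSv1.3 handshakes that succeed with those that fail starts with recording what each generated ClientHello offered. The following is an added example, not part of the original message and not utls or meek code: a standard-library Go parser that extracts the supported_versions and supported_groups lists from a ClientHello handshake message. The names `offered`, `vec` and `sampleHello` are made up here, and the sample bytes are constructed.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// sampleHello is a constructed minimal ClientHello handshake message, not a capture.
var sampleHello = append(append([]byte{1, 0, 0, 62, 3, 3}, make([]byte, 32)...),
	0, 0, 2, 0x13, 0x01, 1, 0, 0, 19, // session_id, cipher_suites, compression, ext length
	0, 10, 0, 6, 0, 4, 0, 23, 0, 24, // supported_groups: 23 (P-256), 24 (P-384)
	0, 43, 0, 5, 4, 3, 4, 3, 3) // supported_versions: 0x0304 (TLS 1.3), 0x0303

// vec splits b into a vector with an n-byte big-endian length prefix and the rest.
func vec(b []byte, n int) (body, rest []byte, ok bool) {
	l := 0
	for i := 0; i < n && i < len(b); i++ {
		l = l<<8 | int(b[i])
	}
	if len(b) < n+l {
		return nil, nil, false
	}
	return b[n : n+l], b[n+l:], true
}

// offered returns the values listed in supported_groups (key 10) and supported_versions (key 43).
func offered(msg []byte) (out map[uint16][]uint16, ok bool) {
	if len(msg) < 38 || msg[0] != 1 {
		return nil, false
	}
	b := msg[38:] // past handshake header, legacy_version and random
	for _, n := range []int{1, 2, 1} { // session_id, cipher_suites, compression_methods
		_, b, _ = vec(b, n) // on failure b becomes nil, so the next vec fails too
	}
	out = map[uint16][]uint16{}
	for b, _, ok = vec(b, 2); ok && len(b) >= 4; {
		typ := binary.BigEndian.Uint16(b)
		var data, list []byte
		if data, b, ok = vec(b[2:], 2); ok {
			// List-length width: 2 for groups, 1 for versions; 0 skips other extensions.
			list, _, ok = vec(data, map[uint16]int{10: 2, 43: 1}[typ])
		}
		for ; len(list) >= 2; list = list[2:] {
			out[typ] = append(out[typ], binary.BigEndian.Uint16(list))
		}
	}
	return out, ok && len(b) == 0
}

func main() { fmt.Println(offered(sampleHello)) }
```

The input is the handshake message without the 5-byte TLS record header, and GREASE values appear in the returned lists like any other entry.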