[tor-bugs] #30716 [Circumvention/Obfs4]: Improve the obfs4 obfuscation protocol

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Jun 21 22:39:59 UTC 2019


#30716: Improve the obfs4 obfuscation protocol
------------------------------------------------+--------------------------
 Reporter:  phw                                 |          Owner:  phw
     Type:  task                                |         Status:  assigned
 Priority:  High                                |      Milestone:
Component:  Circumvention/Obfs4                 |        Version:
 Severity:  Normal                              |     Resolution:
 Keywords:  sponsor28, anti-censorship-roadmap  |  Actual Points:
Parent ID:                                      |         Points:  20
 Reviewer:                                      |        Sponsor:
                                                |  Sponsor28-must
------------------------------------------------+--------------------------
Description changed by phw:

Old description:

> As part of our work for Sponsor 28, we will evaluate and improve the
> obfs4 obfuscation protocol.
>
> Roger started the discussion [https://lists.torproject.org/pipermail
> /anti-censorship-team/2019-May/000015.html on our anti-censorship-team
> mailing list]. Relevant reading is the CCS'15 paper
> [https://censorbib.nymity.ch/#Wang2015a Seeing through Network-Protocol
> Obfuscation] and the S&P'16 paper
> [https://censorbib.nymity.ch/#Tschantz2016a SoK: Towards Grounding
> CensorshipCircumvention in Empiricism].
>
> Let's use this ticket to keep track of this effort.

New description:

 As part of our work for Sponsor 28, we will evaluate and improve the obfs4
 obfuscation protocol.

 Roger started the discussion [https://lists.torproject.org/pipermail/anti-
 censorship-team/2019-May/000015.html on our anti-censorship-team mailing
 list]. Relevant reading is the CCS'15 paper
 [https://censorbib.nymity.ch/#Wang2015a Seeing through Network-Protocol
 Obfuscation] and the S&P'16 paper
 [https://censorbib.nymity.ch/#Tschantz2016a SoK: Towards Grounding
 CensorshipCircumvention in Empiricism].

 Let's use this ticket to keep track of this effort.

 Suggestions for improvement:
 * [https://trac.torproject.org/projects/tor/ticket/30716#comment:1 yawning
 writes] that obfs4 doesn't easily support backward incompatible protocol
 alterations.
 * [https://trac.torproject.org/projects/tor/ticket/30716#comment:3 yawning
 writes] that the framing could use better cryptography.
 * [https://trac.torproject.org/projects/tor/ticket/30716#comment:2 dcf
 writes] that during the handshake, the client needs to wait for the server
 before it can send more data. A [https://lists.torproject.org/pipermail
 /tor-dev/2017-June/012310.html tor-dev@] post has more detail.
 * Each obfs4 server has a unique flow signature. Can we make packet
 payload unique to each server too? For example, can we automatically
 derive a formal language, so not all obfs4 instances send high-entropy
 data?

--

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30716#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list