[tor-bugs] #30716 [Circumvention/Obfs4]: Improve the obfs4 obfuscation protocol

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Sep 17 22:11:57 UTC 2019 

#30716: Improve the obfs4 obfuscation protocol
-------------------------------------------------+-------------------------
 Reporter:  phw                                  |          Owner:  phw
     Type:  task                                 |         Status:
                                                 |  assigned
 Priority:  High                                 |      Milestone:
Component:  Circumvention/Obfs4                  |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  sponsor28, anti-censorship-roadmap-  |  Actual Points:
  august                                         |
Parent ID:                                       |         Points:  20
 Reviewer:                                       |        Sponsor:
                                                 |  Sponsor28-must
-------------------------------------------------+-------------------------

Comment (by phw):

 We briefly discussed the interaction between Tor's WF defences and obfs4's
 flow obfuscation in #tor-dev. Here's a summary:
 * We want a clear separation of responsibilities: Tor's circuit padding
 defends against WF attacks while obfs4 defends against traffic
 classification.
 * We want defence in depth. If an adversary breaks obfs4, she should not
 be able to fingerprint the encapsulated Tor stream, to learn what website
 the user is visiting.
 * That said, the defence in depth should come with as little overhead as
 possible. Every padding byte (be it from obfs4 or the application) is a
 byte that is no longer goodput. If performance suffers too much, users
 will turn to other circumvention tools.

 Here are some additional research questions:

 * Both obfs4 and Tor add padding to defend against traffic classifiers and
 WF attacks, respectively. Can we combine these two systems in a smart way
 that minimises overhead while retaining our security properties? (Keep in
 mind that obfs4 is only present between client and bridge while Tor's WF
 defences may be present between client and middle relay.)

 * Can obfs4's padding negatively affect Tor's padding and vice versa?

 * How does the application data that goes into obfs4 affect our resistance
 to traffic classifiers? In other words: Is obfs4-transporting-tor more
 resistant to classifiers than obfs4-transporting-vpn?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30716#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list