[tor-bugs] #30716 [Circumvention/Obfs4]: Improve the obfs4 obfuscation protocol
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Sep 25 18:53:09 UTC 2019
#30716: Improve the obfs4 obfuscation protocol
-------------------------------------------------+-------------------------
Reporter: phw | Owner: phw
Type: task | Status:
| assigned
Priority: High | Milestone:
Component: Circumvention/Obfs4 | Version:
Severity: Normal | Resolution:
Keywords: sponsor28, anti-censorship-roadmap- | Actual Points:
october |
Parent ID: | Points: 20
Reviewer: | Sponsor:
| Sponsor28-must
-------------------------------------------------+-------------------------
Comment (by phw):
I stumbled upon an implementation issue that's also worth fixing:
obfs4proxy always closes an obfs4 connection after 30 seconds if a client
was unable to authenticate itself. This facilitates active probing
attacks. We should instead close connections after a server-specific,
randomly-determined time interval.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30716#comment:15>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list