[tor-relays] Snowflake PT

teor teor at riseup.net
Wed Aug 22 23:17:46 UTC 2018 

Hi,

I don’t know about the current deployment plan for Snowflake, but I
can point you to the relevant parts of the git repository:

> On 22 Aug 2018, at 07:58, Nathaniel Suchy <me at lunorian.is> wrote:
> 
> Tor Browser 8 Alpha includes the Snowflake PT as it comes near a final release, the adoption and usage of the Snowflake PT will continue to rise. I now have the following questions...
> 
> 1) Will a command line tool like an obfs4proxy come out so those of us with infrastructure can run high capacity snowflake bridges.

Like Meek, Snowflake is a 3-component transport:

User -> Proxy -> Bridge

The command-line Snowflake Proxy is here:

https://gitweb.torproject.org/pluggable-transports/snowflake.git/tree/proxy-go

It will automatically be distributed to users using the same broker.

I am not sure if the default broker is the broker used by TBB users.
You should ask tbb-dev at lists.torproject.org , or copy the
configuration from the snowflake Proxy website.

The Snowflake Bridge pluggable transport is here:
https://gitweb.torproject.org/pluggable-transports/snowflake.git/tree/server

However, your bridge needs to be distributed to users:
* if you want to run a private bridge, just tell those users yourself
* there is no automatic distribution, because BridgeDB does not support
  snowflake: https://bridges.torproject.org/options
* if you want to run a TBB bridge, write to:
  tbb-dev at lists.torproject.org

> 2) Is the goal to replace OBFS4 with Snowflake or will they continue to co-exist?

I’m not sure that any decisions have been made yet.

But my understanding is that Meek won’t work soon, because many sites
don’t support domain fronting.

So I think the goals are:
* replace Meek with Snowflake
* replace obfs4 with some better protocol

> 3) How does Snowflake attempt to obfuscate, if at all it's traffic? How strong is the cryptography compared to obfs4proxy

Snowflake’s components use TLS for point-to-point connections.

Inside Snowflake, client to relay connections have all the standard
tor encryption.

I don’t know what obfuscation Snowflake uses, but you could read the
code or documentation, and let us know. (Or wait for someone else to
respond.)

T

--
teor

Please reply @torproject.org
New subkeys 1 July 2018
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
----------------------------------------------------------------------

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20180823/063beb8c/attachment.sig>

More information about the tor-relays mailing list