[tor-talk] Pluggable Transports and DPI
David Fifield
david at bamsoftware.com
Sat May 21 01:42:57 UTC 2016
On Wed, May 11, 2016 at 07:40:17PM -0700, David Fifield wrote:
> On Sun, May 08, 2016 at 01:37:47PM -0700, David Fifield wrote:
> > With the meek blocking, it might be that they are doing some kind of
> > timing analysis, or it might be that we screwed up something simple like
> > the TLS signature. Could you try it in these configurations?
> > Tor Browser 5.5.5 https://blog.torproject.org/blog/tor-browser-555-released
> > Tor Browser 6.0a5 https://blog.torproject.org/blog/tor-browser-60a5-released
> > meek_lite in obfs4proxy
> > TB 6.0a5 uses a different version of Firefox than 5.5.5, so the TLS
> > signature might be different (I haven't checked yet). To run meek_lite,
> > use a torrc file like this one:
> > UseBridges 1
> > ClientTransportPlugin meek_lite exec ./obfs4proxy
> > Bridge meek_lite 0.0.3.0:5 url=https://meek-reflect.appspot.com/ front=www.google.com
>
> Justin helped me by running some tests and we think we know how this
> Cyberoam device is blocking meek connections. It blocks TLS connections
> that have the Firefox 38's TLS signature and that have an SNI field that
> is one of our front domains: www.google.com, a0.awsstatic.com,
> ajax.aspnetcdn.com.
If you're curious about what changed in the TLS fingerprint between
Firefox 38 and 45, I did a dissection of the first client hello. The
only difference is in the Application Layer Protocol Negotiation
extension (RFC 7301). The new fingerprint omits support for draft
versions of HTTP/2 (h2-14, h2-15, h2-16).
https://trac.torproject.org/projects/tor/wiki/doc/meek/SampleClientHellos#Firefox38.8.0esronDebianstretchsid2016-05-20
https://trac.torproject.org/projects/tor/wiki/doc/meek/SampleClientHellos#Firefox45.0.2esronDebianstretchsid2016-05-20
Secure Sockets Layer
TLSv1.2 Record Layer: Handshake Protocol: Client Hello
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
- Length: 205
+ Length: 187
Handshake Protocol: Client Hello
Handshake Type: Client Hello (1)
- Length: 201
+ Length: 183
Version: TLS 1.2 (0x0303)
Random
- GMT Unix Time: Jul 7, 2073 20:16:39.000000000 PDT
- Random Bytes: ffb333dea40c3d3d9b1fec5a4597a4775586382abfe0ee05...
+ GMT Unix Time: Feb 20, 2060 19:25:19.000000000 PST
+ Random Bytes: 54f218375ad711853b36f8becbd4b085f0e3f53bb48d4149...
Session ID Length: 0
Cipher Suites Length: 22
Cipher Suites (11 suites)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033)
Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
Compression Methods Length: 1
Compression Methods (1 method)
Compression Method: null (0)
- Extensions Length: 138
+ Extensions Length: 120
Extension: server_name
Type: server_name (0x0000)
Length: 23
Server Name Indication extension
Server Name list length: 21
Server Name Type: host_name (0)
Server Name length: 18
Server Name: ajax.aspnetcdn.com
Extension: renegotiation_info
Type: renegotiation_info (0xff01)
Length: 1
Renegotiation Info extension
Renegotiation info extension length: 0
Extension: elliptic_curves
Type: elliptic_curves (0x000a)
Length: 8
Elliptic Curves Length: 6
Elliptic curves (3 curves)
Elliptic curve: secp256r1 (0x0017)
Elliptic curve: secp384r1 (0x0018)
Elliptic curve: secp521r1 (0x0019)
Extension: ec_point_formats
Type: ec_point_formats (0x000b)
Length: 2
EC point formats Length: 1
Elliptic curves point formats (1)
EC point format: uncompressed (0)
Extension: SessionTicket TLS
Type: SessionTicket TLS (0x0023)
Length: 0
Data (0 bytes)
Extension: next_protocol_negotiation
Type: next_protocol_negotiation (0x3374)
Length: 0
Extension: Application Layer Protocol Negotiation
Type: Application Layer Protocol Negotiation (0x0010)
- Length: 41
- ALPN Extension Length: 39
+ Length: 23
+ ALPN Extension Length: 21
ALPN Protocol
- ALPN string length: 5
- ALPN Next Protocol: h2-16
- ALPN string length: 5
- ALPN Next Protocol: h2-15
- ALPN string length: 5
- ALPN Next Protocol: h2-14
ALPN string length: 2
ALPN Next Protocol: h2
ALPN string length: 8
ALPN Next Protocol: spdy/3.1
ALPN string length: 8
ALPN Next Protocol: http/1.1
Extension: status_request
Type: status_request (0x0005)
Length: 5
Certificate Status Type: OCSP (1)
Responder ID list Length: 0
Request Extensions Length: 0
Extension: signature_algorithms
Type: signature_algorithms (0x000d)
Length: 22
Signature Hash Algorithms Length: 20
Signature Hash Algorithms (10 algorithms)
Signature Hash Algorithm: 0x0401
Signature Hash Algorithm Hash: SHA256 (4)
Signature Hash Algorithm Signature: RSA (1)
Signature Hash Algorithm: 0x0501
Signature Hash Algorithm Hash: SHA384 (5)
Signature Hash Algorithm Signature: RSA (1)
Signature Hash Algorithm: 0x0601
Signature Hash Algorithm Hash: SHA512 (6)
Signature Hash Algorithm Signature: RSA (1)
Signature Hash Algorithm: 0x0201
Signature Hash Algorithm Hash: SHA1 (2)
Signature Hash Algorithm Signature: RSA (1)
Signature Hash Algorithm: 0x0403
Signature Hash Algorithm Hash: SHA256 (4)
Signature Hash Algorithm Signature: ECDSA (3)
Signature Hash Algorithm: 0x0503
Signature Hash Algorithm Hash: SHA384 (5)
Signature Hash Algorithm Signature: ECDSA (3)
Signature Hash Algorithm: 0x0603
Signature Hash Algorithm Hash: SHA512 (6)
Signature Hash Algorithm Signature: ECDSA (3)
Signature Hash Algorithm: 0x0203
Signature Hash Algorithm Hash: SHA1 (2)
Signature Hash Algorithm Signature: ECDSA (3)
Signature Hash Algorithm: 0x0402
Signature Hash Algorithm Hash: SHA256 (4)
Signature Hash Algorithm Signature: DSA (2)
Signature Hash Algorithm: 0x0202
Signature Hash Algorithm Hash: SHA1 (2)
Signature Hash Algorithm Signature: DSA (2)
More information about the tor-talk
mailing list