[tor-talk] Building a new censorship circumvention tool: what do we need to know?
m.ajiao at tuta.io
m.ajiao at tuta.io
Mon Feb 20 21:03:07 UTC 2017
Very interesting design!
For a censorship circumvention tool to work in China, you need to follow these necessary guidelines:
1. Obfuscation and anti-DPI. Have a look at shadowsocks. ( https://github.com/shadowsocks/shadowsocks/tree/master ) It is an obfuscated proxy. Handshakes and application data are AES encrypted without fixed header. Recently they added fake HTTP header to get around simple DPI rules. This is not enough though.
There is an experimental pluggable transport designed specifically to get around DPI, called Dust ( https://github.com/blanu/Dust ) Unfortunately it became inactive.
2. Simulate Meek design and Collateral Freedom ( https://en.greatfire.org/blog/2015/mar/collateral-freedom-and-not-so-great-firewall ) The Great Firewall agent can't block cloud computing platforms and big VPS providers because of their importance.
3. Peer-to-peer: The getlatern team claims it has integrated peer-to-peer data transfer mechanism to their software. Peer-to-peer makes the IP addresses abundant, and trivial to block.
By the way, the Great Firewall designer claimed to have invented a way to detect meek traffic by looking at packet sizes and timing, a simple, dirty and stupid DPI trick. New censorship circumvention tools MUST NOT send packets with easily detectable DPI features.
> Tor 0.2.7.6 is released | The Tor Blog
> 请tor开发人员关注方滨兴等流氓对混淆插件流量特征的研究!! On December 11th, 2015 Anonymous said: ... They found that, meek, ...
> The research paper referred to by the OP's post above in Mandarin Chinese has been referenced by an earlier post here: https://blog.torproject.org/comment/reply/1098/137900
> The official name of the research paper in English is "Towards measuring unobservability in anonymous communication systems", Journal of Computer Research and Development, 2015, 52(10): 2373-2381.
> The PDF version can be downloaded from: http://crad.ict.ac.cn/CN/abstract/abstract3031.shtml# The file size is about 6861 KB.
> On December 17th, 2015 dcf said: Thanks, we have seen that paper. It doesn't mean that the censors in China have the capability to do the kind of traffic analysis they describe (yet), but it's something for us to keep in mind for the future. obfs4 and ScrambleSuit in fact are already capable of obfuscating their traffic patterns, but the capability hasn't been turned on yet because it hasn't been needed.
More information about the tor-talk