Hi, I recently had an opportunity to watch David Fifield's lightning talk on pluggable transports that he gave on 30C3. I find the topic fascinating and I'm considering an application to your project for the upcoming Google Summer of Code. My idea is a bit complicated - I'd like to create a pluggable transport that hides data in TCP sequence number gaps or UDP source port numbers. I don't yet have all details thought over, but the way I imagine it right now, the user would have to establish a TCP or UDP connection to the relay. The connection could be completely bogus, though it'd be useful if a lot of data was sent over it. After connecting, the client sends to the server a message with a random RSA key steganographically hidden in the TCP sequence numbers. If the server replies the same way with an RSA-encrypted AES key, the rest of the hidden transmission goes encrypted with it. Since the SEQ number gaps are meant to be random anyway, I believe that this could be very hard to detect. Obviously, this is a very difficult project. I'd like to point out that I already have some experience in both GSoC (worked for Nmap Project last summer, David Fifield was my mentor) and C programming. I imagine that I'd need to create some kernel-to-userspace interface that would let me do the packet manipulation - I'd probably start my research by looking at how OpenVPN implements this kind of stuff as it supports all major platforms. The main question is - would you be interested in mentoring such a project during the upcoming summer? Yours, Jacek Wielemborek
Attachment:
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev