On Fri, 25 Jul 2014 10:00:01 +0200
Lunar <lunar@xxxxxxxxxxxxxx> wrote:

> isis:
> > > We can't just make Tor Browser stop accepting obfs2 because some
> > > people are using obfs2 bridges right now. But we shouldn't add
> > > more people to the set of users of a broken protocol.
> >
> > Obfs3 is also "broken", it's just that we haven't yet seen a DPI
> > box do it IRL.
>
> That's news to me. Any pointers?

Well, the protocol is ok, but it is vulnerable to active probing (eg:
See something they don't recognize, flag the destination IP/Port, call
back later). Doing so on a mass scale is *quite* expensive since the
obfs3 handshake isn't exactly cheap, but probably is in the reach of a
nation-state adversary (China springs to mind).

There also are a few interesting statistical attacks that are possible
vs the obfs3 protocol if you make guesses about the inner payload, but
such things are unnecessary for obfs3 (and ScrambleSuit/obfs4 both have
some defenses against those, although not all are enabled as a
performance tradeoff).

Regards,

--
Yawning Angel
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev