[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] obfs4, meek, active probing and the timeline of pluggable transports

To: tor-dev@xxxxxxxxxxxxxxxxxxxx, Piyush Kumar Sharma <piyushs@xxxxxxxxxxx>
Subject: Re: [tor-dev] obfs4, meek, active probing and the timeline of pluggable transports
From: Michael Rogers <michael@xxxxxxxxxxxxxxxx>
Date: Mon, 29 Oct 2018 11:55:57 +0000
Autocrypt: addr=michael@xxxxxxxxxxxxxxxx; prefer-encrypt=mutual; keydata= xsBNBE+DF5gBCADGR+FvMLv2vtjznaZbfqRVLNnxfFzXwO8LPu8MdwDMYFEubTx9pCz5Z/jI +BEI+rkhbJbJYRw13rj7zEJWN2+QUb4YtaHCcR1ClA5pcZUurPqbMsFlIruEufydoCcEiTUN FtP/8MrYy70BqDzIgLzpS9tk7CwY2CELm8z0aLIa4th6rjUTIZb+2DbIrVUIwLbub/W014aJ hH942bGO/pbMz8QCdLjtT0YKTiLTDvU0gPA50YxBZHWKqHjJS+35cJUvVxILgSiqqeAkHPks 0IerMGTXBt5QaPamBEo9cGNr0hnRizwvRBPMcG2YDl5CJazUWwCe3FNRUzFfbMq9l3+PABEB AAHNKU1pY2hhZWwgUm9nZXJzIDxtaWNoYWVsQGJyaWFycHJvamVjdC5vcmc+wsB+BBMBAgAo AhsjBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCWznfSAUJDZf7MAAKCRARBE/Rn8UnzOPx B/4zVF0oduFMqtXfI+9eVTfilvWW9BQKk4AO78ECWVDfflKYhBKtmW+bZTfJ8OM0iQFS/i2Z E/++0K68dhpRE/FT24jTYosnknFJvov5uAlNiERkXlVhuIGMfJ94XpncEIj5Ji+IHX7PD+RG eVhgQAWhvzYFXUJ8aGXCVWymz/1NOFKRvaSBfjmjMpZnTcbCDVtPFIS+Ha3yS4ql148r0wQc /MOR72vhM8R0obHfKExAeAUc1SlvAeBMvyrb3gRnTrMrNh1ap/gNrrSXChiT+zaIMatQlQS8 o4gNn3AptTxvGW1vhzZPm4nHaVBe1TpFKRkCSKBhClIJVZj+DUqb85zNzsBNBE+DF5gBCADV J1q9uGuCePE8wqybJMtjXxAbx+luDeIHrLCPT4E8H2J+v+X/74iRjBoMlZ3JVpaQPVR05nM4 7Vyj0KRhPucv6TH0S9A2cSPiAnWyMIoYOCcYjL8LrPRYdoeLd8b1m7n/KUyi+pOkN/pxJUH5 63gvs4xl+agyhNXkVxxDf2wipZmrr851qSUZJoo/NFfuIW13MU0HyslQaI5fZ4kSV3jgU+QJ eSiScgHRGthDRIFXNzhi8TG8KFi/SXVxGAD5ZYNVV76TzYjXOunCnPsXjj3sV8NqgqhCPpGl DtI5be09FjBKqPzNBVzJFXuPYUv30uLyS7EzKZ089zvn/pN/xDWtABEBAAHCwGUEGAECAA8C GwwFAls5304FCQ2X+zYACgkQEQRP0Z/FJ8w68Af/W0XMekchtEvmubiOLXLGnIq7kGuQLp8s aF9696cEWc0vpL6B4zJWeS4Kr4zPMu2Y0XuKsv+XCrKy+rJnUdYgoLiHNEW4629+OibYqV3m XAv3Xkx7YGMi/2rke9dOa6ieyntXgy/3KKgbv12RGVvY5LxFjXy8wV+MIPw5ErAci/1baLNM LcSeMGOpdFtygPTXC/WOTG4gBngAWpBcxR8PeUlo+BDWq9Rpv8bmGSMROqxWIMOFN2IERoy/ szQQTSJvvw6UXnPocKgJSQpljyVEkyU0fK56d+abbZ3QPAsplDEjH8uqnlfdtGGmI7tSQKXJ yXIisGSYk+M4Bq7HrnYO0A==
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 29 Oct 2018 07:56:18 -0400
In-reply-to: <CAGkdf3epZuy4s+jS_R5vZYgsV=1ctAqSUqrNpuaGMfobm9CXvQ@mail.gmail.com>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
Openpgp: preference=signencrypt
References: <CAGkdf3epZuy4s+jS_R5vZYgsV=1ctAqSUqrNpuaGMfobm9CXvQ@mail.gmail.com>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.2.1

On 27/10/2018 12:50, Piyush Kumar Sharma wrote:
> 2.) What was the motivation to bring in meek as a pluggable transport,
> given the fact that obfs4 works great to cover all the existing problems
> with Tor detection. Was the motivation just the fact that, it will be
> much easier for the users to use meek than obfs4 or something other than
> this?

Hi Piyush,

I'm not a Tor dev but I'll try to answer this.

To use obfs4 the client needs to know the IP address of an obfs4 bridge.
If these addresses are distributed in a public or semi-private way,
eventually the adversary may learn them in the same way that clients do,
in which case they can be blacklisted without active probing.

Meek allows the client to connect to any server that belongs to a "front
domain". If the front domain also hosts a lot of popular services or
important infrastructure then the adversary may be reluctant to block
it, in which case it isn't necessary to keep the front domain secret
from the adversary.

Until recently, Meek used AWS and Google App Engine as front domains. I
believe those services have stopped supporting domain fronting, but a
similar tactic may soon become possible with encrypted SNI, which is now
supported by Cloudflare.

If anyone on the list knows whether/when we're likely to see a pluggable
transport based on encrypted SNI I'd love to hear about it.

Cheers,
Michael

Attachment: 0x11044FD19FC527CC.asc
Description: application/pgp-keys

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] obfs4, meek, active probing and the timeline of pluggable transports
  - From: Nicolas Vigier

References:
- Re: [tor-dev] obfs4, meek, active probing and the timeline of pluggable transports
  - From: Piyush Kumar Sharma

Prev by Author: Re: [tor-dev] Temporary hidden services
Next by Author: Re: [tor-dev] Temporary hidden services
Previous by thread: Re: [tor-dev] obfs4, meek, active probing and the timeline of pluggable transports
Next by thread: Re: [tor-dev] obfs4, meek, active probing and the timeline of pluggable transports
Index(es):
- Author
- Thread