[tor-dev] Email-based rendezvous for flash proxies



I have made a design and written some code for an email-based
registration system for flash proxy clients. Registration is the process
by which a censored client sends its IP address to request service from
an external proxy.

In summary, a censored client sends its address in encrypted email over
SMTP over TLS to a distinguished email address. A program running on the
flash proxy facilitator makes an IMAP connection over TLS, polls for
messages, then decrypts them and registers the addresses within. The
email messages are sent by a registration helper program, not the
client's own email account, and they appear to come from a dummy
address. More information is in the ticket:

https://trac.torproject.org/projects/tor/ticket/6383#comment:5

I would appreciate a second look at the design, especially the use of
crypto. The ticket's comment number 5 calls out some particular
features.

This is our first registration system with a claim to being hard to
block. This is step 1 that goes through the firewall in the diagram at
http://crypto.stanford.edu/flashproxy/#how-it-works. The censor sees a
TLS session with a Gmail MX server, followed later by an incoming
connection from a flash proxy at a previously unseen IP address. What
makes this different than other circumvention ideas is that nothing is
sent directly to any published or unpublished Tor relay.

David Fifield