Re: [tor-dev] Internet-wide scanning for bridges

There are even better solutions than this:
  1. Port knocking: <https://wiki.archlinux.org/index.php/Port_Knocking>
  2. Single-packet authorization: <http://www.cypherpunks.ca/~iang/pubs/bridgespa-wpes.pdf>

ScrambleSuit has implemented something like #2, and its paper (http://www.cs.kau.se/philwint/pdf/wpes2013.pdf) describes its authentication mechanisms as preventing detection via network-wide scanning. However, I can’t say how it actually got implemented.


> On Dec 13, 2014, at 3:40 AM, Fabio Pietrosanti (naif) - lists <lists@xxxxxxxxxxxxxxx> wrote:
> On 12/13/14 1:33 AM, Vlad Tsyrklevich wrote:
>> I've attached a patch to warn bridge operators running with ORPort set
>> to 443 or 9001 as a stop-gap measure.
> IMHO the real point is that Tor is not employing the techniques that
> have been used for decades by the COMSEC solutions in the radio-frequency,
> that is, "frequency hopping".
> On the internet we have TCP ports, on the radio-spectrum we have frequency.
> Just apply the various, multiple, available, well documented techniques
> used to provide additional L1/L2 safety to the radio-frequency
> transmission techniques to Tor, et voilà, Tor would acquire important
> resiliency properties against massive scanning.
> That's just a concept and approach, it would require a bit more
> research, but I'm quite confident that it would provide a very important
> benefit compared to the minor performance issues introduced.
> -- 
> Fabio Pietrosanti (naif)
> HERMES - Center for Transparency and Digital Human Rights
> http://logioshermes.org - https://globaleaks.org - https://tor2web.org - https://ahmia.fi
> _______________________________________________
> tor-dev mailing list
> tor-dev@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev