Last September I announced initial results [1] towards a framework, which we call Format-Transforming Encryption (FTE), for encoding messages using regular languages. We're excited to announce that we've made progress towards an implementation and would like to invite alpha testers. Our source code is available on GitHub [2]. Tor Bundles are available for OSX/Linux [3] that include our FTE framework and are configured by default to work with FTE+Tor bridges deployed in the United States. Unfortunately, we don't yet support Windows.
The latest version of our paper is available on the Cryptology ePrint Archive [4]. In the paper we describe our framework and provide a comprehensive security evaluation of FTE's success in evading six DPI systems --- including using regular expressions from open-source DPI systems to evade detection by a closed-source black-box commercial DPI system. By "evade" we mean that it's easy for FTE to tunnel arbitrary TCP streams (e.g., Tor) such that they are (mis)classified by DPI systems as a configurable target protocol (e.g., HTTP, SMB, RTSP, etc.) of one's choosing.
We release FTE in its alpha stage because we believe it is well positioned to evade the suspected protocol white-listing [5] recently reported in Iran. More generally, we're optimistic FTE has long-term potential as a tool to enable users to control how their traffic is classified by passive DPI systems. As one example, over the last month, we've successfully tunneled Tor through the Great Firewall of China, using FTE to make our traffic "look like" HTTP.
We're eager for feedback on this alpha release, so please do not hesitate to contact us with questions.
-Kevin P Dyer (and his co-authors)
[1] https://lists.torproject.org/pipermail/tor-dev/2012-September/003993.html
[2] https://github.com/redjack/FTE
[3] https://github.com/redjack/FTE/tree/master/TorBundles
[4] http://eprint.iacr.org/2012/494
[5] https://lists.torproject.org/pipermail/tor-dev/2013-May/004787.html