Thanks for your response, I'm glad to hear this problem is still interesting :).

Specifically, after reading Nick Mathewson's proposal, I can see it is pretty much identical to what I've proposed (though his proposal has been around for more than a year). Do you have any information as to whether anyone has been/is working on implementing it?

As for suggestions such as SWEET, FreeWave, etc. - those would require changes to the TOR clients (right?), which makes them probably less easy to use, unless they are merged into the TOR mainline. Same goes for ScambleSuit, since the shared secret much somehow be delivered out-of-band, which is not always an easy feat to accomplish.


On Sat, Jul 27, 2013 at 3:53 PM, Philipp Winter <identity.function@gmail.com> wrote:
On Sat, Jul 06, 2013 at 09:34:06PM +0300, Lag Inimaineb wrote:
> Anyway, one of the main topics discussed in that talk was the problem of
> preventing the blockage of TOR bridges by oppressors. While many "fixes" were
> mentioned, none of them actually solve the problem of the bridge being
> probed, by following-up on previously captured SSL sessions (as China does).

Since then, several systems were proposed which should solve this problem.
First, there is DEFIANCE [0].  I believe that people are working on an
implementation but I don't have more information.  There's also ScrambleSuit
[1] which is an obfsproxy module and protects against active probing by
requiring a shared secret which is distributed out-of-band (e.g., over
bridgedb).  We have a working prototype of ScrambleSuit and we would highly
appreciate code review.

> I was thinking - perhaps instead of making the discovery of the actual bridge
> addresses "hard", why not setup bridges in places where other legitimate SSL
> connections are also made? What I mean is, maybe we should try and get big
> sites that cannot be legitimately (in the eyes of the oppressor, of course)
> blocked (social media, comic sites, whatever), to run a TOR bridge on the
> same port as their regular HTTPS traffic (443), in a way that someone
> recording the traffic cannot distinguish (in advance, that is) whether a
> certain SSL connection to that site is a legitimate web browsing session, or
> a TOR session.  That way, even if an address on the internet "speaks" the TOR
> protocol, it cannot be automatically blocked. Even if this address is known
> to host a TOR bridge, this might help plausible deniability for people
> unwilling to disclose that they've been using TOR.

There are some proposals which suggest to tunnel Tor traffic over "legitimate"
protocols to increase collateral damage when blocked.  That includes FreeWave,
Code Talker Tunnel (a.k.a.  SkypeMorph) and SWEET.  These projects can
partially defend against active probing because of their underlying protocols
(SSL-based email, Skype, VoIP).

Unfortunately, none of these proposals are close to being deployed.  SkypeMorph
does have a prototype, though.

> First off - there's the technical issue of binding to port 443 locally on the
> web servers without disrupting the currently running local client. I see
> several possible ways around this - a simple one could be local proxying of
> the SSL connection from the TOR bridge software to the locally running web
> server, in a way that when the bridge gets an SSL connection that isn't
> "speaking" the TOR protocol, it will be handed over to the web server. I
> admit, it's kinda messy, but TBH there are probably more efficient and
> "cleaner" ways to do this than what I've suggested.

There's a Tor proposal which suggests something quite similar [2].  There's no
implementation of it, though.

[0] https://www.usenix.org/system/files/conference/foci12/foci12-final7.pdf
[1] http://www.cs.kau.se/philwint/scramblesuit/
[2] https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/203-https-frontend.txt

Cheers,
Philipp
_______________________________________________
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev