diff options
| author | Yawning Angel <yawning@schwanenlied.me> | 2014-05-13 02:31:37 +0000 |
|---|---|---|
| committer | Yawning Angel <yawning@schwanenlied.me> | 2014-05-13 02:31:37 +0000 |
| commit | 9bfdd77f722807a611d6910bbef45084360064a1 (patch) | |
| tree | 1cbc9c840bad373368ada0f8322e29ea6b24adf8 /README.md | |
| parent | 51a8dd5a86eeca744e0add680b1f4796c4babe2b (diff) | |
Add preliminary support for packet length obfuscation.
The same algorithm as ScrambleSuit is used, except:
* SipHash-2-4 in OFB mode is used to create the distribution.
* The system CSPRNG is used when sampling the distribution.
This fixes most of #3, all that remains is generating and sending a
persistent distribution on the server side to the client.
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 3 |
1 files changed, 1 insertions, 2 deletions
@@ -17,7 +17,7 @@ is much closer to ScrambleSuit than obfs2/obfs3. The notable differences between ScrambleSuit and obfs4: * The handshake always does a full key exchange (no such thing as a Session - Ticket Handshake). (TODO: Reconsider this.) + Ticket Handshake). * The handshake uses the Tor Project's ntor handshake with public keys obfuscated via the Elligator mapping. * The link layer encryption uses NaCl secret boxes (Poly1305/XSalsa20). @@ -32,7 +32,6 @@ handshake variants without being obscenely slow is non-trivial. ### TODO - * Packet length obfuscation. * (Maybe) Make it resilient to transient connection loss. * (Maybe) Use IP_MTU/TCP_MAXSEG to tweak frame size. * Write a detailed protocol spec. |