From ef38b844f9989dff25f553b583aeafc411dd100e Mon Sep 17 00:00:00 2001 From: Yawning Angel Date: Fri, 9 May 2014 10:23:58 +0000 Subject: Initial import. --- README.md | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+) create mode 100644 README.md (limited to 'README.md') diff --git a/README.md b/README.md new file mode 100644 index 0000000..bf1d69c --- /dev/null +++ b/README.md @@ -0,0 +1,54 @@ +## obfs4 - The fourbfuscator +#### Yawning Angel (yawning at torproject dot org) + +### WARNING + +This is pre-alpha. Don't expect any security or wire protocol stability yet. +If you want to use something like this, you should currently probably be looking +at ScrambleSuit. + +### What? + +This is a look-like nothing obfuscation protocol that incorporates ideas and +concepts from Philipp Winter's ScrambleSuit protocol. The obfs naming was +chosen primarily because it was shorter, in terms of protocol ancestery obfs4 +is much closer to ScrambleSuit than obfs2/obfs3. + +The notable differences between ScrambleSuit and obfs4: + + * The handshake always does a full key exchange (no such thing as a Session + Ticket Handshake). (TODO: Reconsider this.) + * The handshake uses the Tor Project's ntor handshake with public keys + obfuscated via the Elligator mapping. + * The link layer encryption uses NaCl secret boxes (Poly1305/Salsa20). + +### Why not extend ScrambleSuit? + +It's my protocol and I'll obfuscate if I want to. + +Since a lot of the changes are to the handshaking process, it didn't make sense +to extend ScrambleSuit as writing a server implementation that supported both +handshake variants without being obscenely slow is non-trivial. + +### TODO + + * Packet length obfuscation. + * (Maybe) Make it resilient to transient connection loss. + * (Maybe) Use IP_MTU/TCP_MAXSEG to tweak frame size. + * Write a detailed protocol spec. + * Code cleanups. + * Write more unit tests. + +### WON'T DO + + * I do not care that much about standalone mode. Patches *MAY* be accepted, + especially if they are clean and are useful to Tor users. + * Yes, I use a bunch of code from the borg^w^wGoogle. If that bothers you + feel free to write your own implementation. + * I do not care about older versions of the go runtime. + +### Thanks + * David Fifield for goptlib. + * Adam Langley for his Elligator implementation. + * Philipp Winter for the ScrambleSuit protocol which provided much of the + design. -- cgit v1.2.3