Total Pageviews

Thursday 21 April 2016

torproject开发的混淆流量的工具-scramblesuit

The ScrambleSuit traffic obfuscation protocol 

Overview

ScrambleSuit is a pluggable transport protocol for obfsproxy. It is written in pure Python and solves two problems:
  • Protection against active probing attacks by requiring a shared secret between the client and the server. This secret is communicated out-of-band via Tor's BridgeDB.
  • Rudimentary defence against traffic analysis attacks by altering flow features. In particular, ScrambleSuit alters its inter-arrival times and packet length distribution.
Besides, ScrambleSuit's payload is computationally indistinguishable from randomness. Clients can authenticate themselves towards a ScrambleSuit bridge by conducting a modified UniformDH handshake or by redeeming a session ticket.
For a more detailed overview of ScrambleSuit, please have a look at the project page available athttp://veri.nymity.ch/scramblesuit/. The research paper is available at http://veri.nymity.ch/pdf/wpes2013.pdf. Finally, the directory "doc/" in this repository contains ScrambleSuit's protocol specification.

Installation and Testing

The following instructions were tested on Debian wheezy but they should work just fine on other GNU/Linux distributions as well.
  1. On a Debian wheezy system, the following packages are needed:
    gitpython-devpython-gmpypython-yamlpython-setuptoolsautomakelibevent-devlibssl-dev,asciidoc
  2. Clone and compile the current Tor-git (or use a version of your choice as long as it is >= v0.2.5.0-alpha-dev):
    git clone https://git.torproject.org/tor.git
  3. Clone the current version of pyptlib (or use a version of your choice as long as it is >= 0.0.5):
    git clone https://git.torproject.org/pluggable-transports/pyptlib.git
  4. Clone a modified version of obfsproxy which contains the scramblesuit branch:
    git clone -b scramblesuit_integration https://git.torproject.org/user/phw/obfsproxy.git
The directory "test/" in this repository contains two configuration files for tor which provide a local (i.e., using the loopback interface) ScrambleSuit setup. Furthermore, the script generate_secret.py can be used to generate shared secrets for Tor's configuration file.

Alternatives

Check out obfs4 which is an enhancement of ScrambleSuit.

Feedback

Contact: Philipp Winter phw@torproject.org

from https://github.com/NullHypothesis/scramblesuit