GitLab

Regarding the design of BridgeFinder, I suggest that it contains a plugin system in order to allow different inputs. In https://trac.torproject.org/projects/tor/ticket/5096 it is proposed to use QR codes but I think that this should not be the only option.

One problem with QR codes is that they are clearly describing something that is hidden. So instead I propose an additional plugin that does steganography. In more detail I'm thinking of image steganography (although at a later stage one could add audio/video or others (random bytes)).

The basic idea: A list of bridge addresses get sent to a trusted person. This person encodes the bridge addresse(s) into an image and sends them to a friend. This friend then decodes the bridge address contained in the image and uses it to connect to Tor (via BridgeFinder).

A bit more specific:

The encoding will not alter the image signficantly so that it appears to be a valid unsuspicious data exchange (e.g. a holiday snapshot, avatar, signature).

To encode the image a password needs to be entered that is known by both ends. Password suggestions:

# a complex password known by both parties

# name of a significant object in the image (this would allow external people easier access, on the other hand it would also allow the use of image sharing websites and blogs, automatic algorithms (object detection) to treat large amounts of images would be difficult).

# I can also think of images that contain no password at all. But of course that would make it easier for censors to find them and block the bridges.

The decoding process must be computationally expensive in order to avoid dictonary attacks.

The algorithm for decoding contains automatic error correction as well as data verification.

Let me know what you think about this idea. If it is worth pursuing I can do the coding.

Trac:
Username: seaman