This project is archived. Its data is
read-only
.
Changes
Page history
Apply conversion script to all *.md files.
authored
Jun 15, 2020
by
Alexander Hansen Færøy
Show whitespace changes
Inline
Side-by-side
org/projects/Tor/TLSHistory.md
View page @
a1a4b621
...
...
@@ -2,7 +2,7 @@
For a few reasons, TLS as it stands is a difficult protocol for Tor to use.
==
REASON 1: IT IS HARD TO LOOK LIKE OTHER TLS INSTANCES FROM THE POV OF PASSIVE ATTACKS
==
##
REASON 1: IT IS HARD TO LOOK LIKE OTHER TLS INSTANCES FROM THE POV OF PASSIVE ATTACKS
The first is that TLS exists in a stupendously vast number of
externally visible profiles. If you're running a protocol that an
...
...
@@ -16,7 +16,7 @@ I'll go through the history of the stupid ways that Tor has tried to
use TLS over the years. This will read like a comedy of errors;
please don't judge our missteps too harshly.
===
Stage 1: (Tor versions 0.0.1 through 0.2.0.19)
===
###
Stage 1: (Tor versions 0.0.1 through 0.2.0.19)
What we would really
like to do, if we didn't need to worry about censorship, is to have a
...
...
@@ -41,7 +41,7 @@ RFC2409, section 6.2.
We made some concessions to avoiding fingerprinting during this phase. For example, we removed some fixed strings from our certificates' DNs.
===
Stage 2: (Tor 0.2.0.20 through 0.2.3.6)
===
###
Stage 2: (Tor 0.2.0.20 through 0.2.3.6)
Our particular use of two-certificate chains, our unusual cipher list,
and our our funny-looking certs made Tor pretty easy to profile.
...
...
@@ -97,7 +97,7 @@ https://lists.torproject.org/pipermail/tor-talk/2009-November/015864.html
Protocol details at
https://gitweb.torproject.org/torspec.git/tree/proposals/130-v2-conn-protocol.txt
===
Stage 3: (Tor 0.2.3.6 to present)
===
###
Stage 3: (Tor 0.2.3.6 to present)
When we started getting detected and blocked based on our use of
renegotiation, we switched to an improved handshake, where the outer
...
...
@@ -116,7 +116,7 @@ if we didn't need to blend in with other TLS handshakes.
Protocol details at
https://gitweb.torproject.org/torspec.git/tree/proposals/176-revising-handshake.txt
===
Stage 4:
===
###
Stage 4:
There are more features that are getting used to distinguish Tor from
other TLS traffic. They include:
...
...
@@ -126,7 +126,7 @@ other TLS traffic. They include:
We're hoping to address these in 0.2.4.x.
==
REASON 2: IT IS HARD TO RESIST ACTIVE PROBING
==
##
REASON 2: IT IS HARD TO RESIST ACTIVE PROBING
Most censorious attackers are passive, and seem to be using modified
commercial software to detect and block Tor connections. On the other
...
...
@@ -141,7 +141,7 @@ complete the handshake ... or to even confirm that it isn't talking to
a regular webserver. The presentation of this information can't be
visible to a passive observer.
==
SOME OBVIOUS AND NOT-SO-OBVIOUS POINTS:
==
##
SOME OBVIOUS AND NOT-SO-OBVIOUS POINTS:
There are, as near as I can tell, two main classes of censorious
adversary: the GFW, and everybody else. Everybody else seems either
...
...
...
...
