Skip to content
GitLab
Closed
Issue created by Yawning Angel@yawning

Design/implement obfsNG.

Name subject to change, but for now I'm following the shining example set by the IETF and calling it obfsNG. I will likely rename it to obfs6 come deployment time (obfs5 if skipping a version will confuse users.

Current planned changes:

  • Key exchange/handshake will use Ring-LWE + Ed25519 (authentication), instead of Curve25519/Elligator2 + ntor.
  • Link crypto to likely use Poly1305 + ChaCha20 in a better designed framing format than the SipHash-2-4 + Poly1305/XSalsa20 abomination used by obfs4.
  • Inline padding negotiation to simplify bridge line formatting.

Benefits:

  • Slightly easier to use, with a slightly shorter Bridge line.
  • Indistinguishability of the key exchange is a property of the key exchange primitive used, rather than something separate that needs care when using a la Elligator2.
  • More future-proofing by adding flexibility to padding.

Downsides:

  • Ring-LWE is really new, and the implementation was ported to Go by some random sketchoid.