Design/implement obfsNG.
Name subject to change, but for now I'm following the shining example set by the IETF and calling it obfsNG. I will likely rename it to obfs6 come deployment time (obfs5 if skipping a version will confuse users).
Current planned changes:
- Key exchange/handshake will use Ring-LWE + Ed25519 (authentication), instead of Curve25519/Elligator2 + ntor.
- Link crypto to likely use Poly1305 + ChaCha20 in a better designed framing format than the SipHash-2-4 + Poly1305/XSalsa20 abomination used by obfs4.
- Inline padding negotiation to simplify bridge line formatting.
Benefits:
- Slightly easier to use, with a slightly shorter Bridge line.
- Indistinguishability of the key exchange is a property of the key exchange primitive used, rather than something separate that needs care when using a la Elligator2.
- More future-proofing by adding flexibility to padding.
Downsides:
- Ring-LWE is really new, and the implementation was ported to Go by some random sketchoid.