On Tue, Jan 07, 2014 at 06:41:02AM -0800, Jacek Wielemborek wrote: > Hi, > > I recently had an opportunity to watch David Fifield's lightning talk on > pluggable transports that he gave on 30C3. I find the topic fascinating and > I'm > considering an application to your project for the upcoming Google Summer of > Code. > > My idea is a bit complicated - I'd like to create a pluggable transport that > hides data in TCP sequence number gaps or UDP source port numbers. I don't > yet > have all details thought over, but the way I imagine it right now, the user > would have to establish a TCP or UDP connection to the relay. The connection > could be completely bogus, though it'd be useful if a lot of data was sent > over it. After connecting, the client sends to the server a message with a > random RSA key steganographically hidden in the TCP sequence numbers. If the > server replies the same way with an RSA-encrypted AES key, the rest of the > hidden transmission goes encrypted with it. Since the SEQ number gaps are > meant to be random anyway, I believe that this could be very hard to detect.
Only the initial SEQ of a TCP connection is random (and usually only ~24 bits at that). The subsequent SEQs are deterministic. Can you clarify your intent? - Ian _______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
