There are even better solutions than this: 1. Port knocking: <https://wiki.archlinux.org/index.php/Port_Knocking> 2. Single-packet authorization: <http://www.cypherpunks.ca/~iang/pubs/bridgespa-wpes.pdf>
ScrambleSuit has implemented something like #2, and its paper (http://www.cs.kau.se/philwint/pdf/wpes2013.pdf) describes its authentication mechanisms as preventing detecting via network-wide scanning. However, I can’t say how it actually got implemented. Aaron > On Dec 13, 2014, at 3:40 AM, Fabio Pietrosanti (naif) - lists > <[email protected]> wrote: > > > On 12/13/14 1:33 AM, Vlad Tsyrklevich wrote: >> >> >> I've attached a patch to warn bridge operators running with ORPort set >> to 443 or 9001 as a stop-gap measure. > > IMHO the real point is that Tor, is not employing the techniques that > used since decades by the COMSEC solutions in the radio-frequency, that > is "frequency hopping". > > On the internet we have TCP ports, on the radio-spectrum we have frequency. > > Just apply the various, multiple, available, well documented techniques > used to provide additional L1/L2 safety to the radio-frequency > transmission techniques to Tor, et voilà, Tor would acquire important > resiliency properties against massive scanning. > > That's just a concept and approach, it would require a bit more of > research, but i'm quite confident that would provide very important > benefit compared to the minor performance issues introduced. > > -- > Fabio Pietrosanti (naif) > HERMES - Center for Transparency and Digital Human Rights > http://logioshermes.org - https://globaleaks.org - https://tor2web.org - > https://ahmia.fi > > _______________________________________________ > tor-dev mailing list > [email protected] > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev _______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
