new page to keep track of o...
Roger Dingledine authored 12 years ago
|
1) ## translation metadata
2) # Revision: $Revision$
3) # Translation-Priority: 3-low
4)
5) #include "head.wmi" TITLE="Tor Project: Pluggable Transports" CHARSET="UTF-8"
6) <div id="content" class="clearfix">
7) <div id="breadcrumbs">
8) <a href="<page index>">Home » </a>
9) <a href="<page docs/documentation>">Documentation » </a>
10) <a href="<page docs/pluggable-transports>">Pluggable Transports</a>
11) </div>
12) <div id="maincol">
13) <h2>Tor: Pluggable Transports</h2>
14) <hr>
15)
16) <p>
17) An increasing number of censoring countries are using Deep Packet
18) Inspection (DPI) to classify Internet traffic flows by protocol.
19) While Tor uses <a href="<page docs/bridges>">bridge relays</a> to
20) get around a censor that blocks by IP address, the censor can use
21) DPI to recognize and filter Tor traffic flows even when they connect
22) to unexpected IP addresses.
23) </p>
24)
25) <p>
|
Various changes on Pluggabl...
Nima Fatemi authored 8 years ago
|
26) Pluggable Transports (PT) transform the Tor traffic flow between the client
|
new page to keep track of o...
Roger Dingledine authored 12 years ago
|
27) and the bridge. This way, censors who monitor traffic between the
28) client and the bridge will see innocent-looking transformed traffic
29) instead of the actual Tor traffic.
30) External programs can talk to Tor clients and Tor bridges using the <a
|
cgit version of blob_plain/...
Matt Pagan authored 10 years ago
|
31) href="https://gitweb.torproject.org/torspec.git/tree/pt-spec.txt">pluggable
|
new page to keep track of o...
Roger Dingledine authored 12 years ago
|
32) transport API</a>, to make it easier to build interoperable programs.
33) </p>
34)
|
add graphic instructions on...
Nima Fatemi authored 8 years ago
|
35) <h3>How to use PTs to bypass censorship</h3>
36) <p>
37) If connections to Tor network are being blocked by your ISP or country,
38) follow this instructions:
39) </p>
40) <a href="$(IMGROOT)/PT/2016-07-how-to-use-PT.png">
41) <img src="$(IMGROOT)/PT/2016-07-how-to-use-PT.png" width="830"
42) alt="How to use PTs: 1-download tor (send email to gettor@torproject.org) 2-select configure 3-check 'my isp blocks tor...'
43) 4-select obfs4 5-press connect" /></a>
44) <!-- TODO: move alt to instructions in plain text for visually impaird users -->
45)
|
new page to keep track of o...
Roger Dingledine authored 12 years ago
|
46) <hr>
47)
|
Various changes on Pluggabl...
Nima Fatemi authored 8 years ago
|
48) <h3>Currently deployed PTs</h3>
49) <p>
50) These Pluggable Transports are currently deployed in Tor Browser, and you can start using them by <a href="<page download/download-easy>">downloading and using Tor Browser</a>.
51) </p>
52)
53) <ul>
54)
55) <li><a href="https://github.com/Yawning/obfs4/blob/master/doc/obfs4-spec.txt"><b>obfs4</b></a>
56) is a transport with the same features as <a href="http://www.cs.kau.se/philwint/scramblesuit/"><b>ScrambleSuit</b></a>
57) but utilizing Dan Bernstein's <a href="http://elligator.cr.yp.to/elligator-20130828.pdf">elligator2</b></a>
58) technique for public key obfuscation, and the
59) <a href="https://gitweb.torproject.org/torspec.git/tree/proposals/216-ntor-handshake.txt">ntor protocol</a>
60) for one-way authentication. This results in a faster protocol. Written in Go.
61) Maintained by Yawning Angel.
62) </li>
63) <!-- TODO: update the link with repo hosted on git.tpo. and make a note that this client supports obfs3 -->
64)
65) <li><a href="https://trac.torproject.org/projects/tor/wiki/doc/meek"><b>meek</b></a>
66) is a transport that uses HTTP for carrying bytes and TLS for
67) obfuscation. Traffic is relayed through a third-party server
68) (​Google App Engine). It uses a trick to talk to the third party so
69) that it looks like it is talking to an unblocked server.
70) Maintained by David Fifield.
71) </li>
72) <!-- TODO: add more info about meek. include amazon and azure and maybe remove google for now -->
73)
74) <li><a href="https://fteproxy.org/"><b>Format-Transforming
75) Encryption</b></a> (FTE) transforms Tor traffic to arbitrary
76) formats using their language descriptions. See the <a
77) href="https://kpdyer.com/publications/ccs2013-fte.pdf">research
78) paper</a>.</li>
79)
80) <li><a href="http://www.cs.kau.se/philwint/scramblesuit/"><b>ScrambleSuit</b></a>
81) is a pluggable transport that protects
82) against follow-up probing attacks and is also capable of changing
83) its network fingerprint (packet length distribution,
84) inter-arrival times, etc.). It's part of the Obfsproxy framework.
85) Maintained by Philipp Winter.
86) </li>
87)
88) <!-- TODO: it's unclear whether orbot still uses obfsclient or not;
89) commenting out untill furthure notice -->
90) <!-- <li><a href="https://github.com/yawning/obfsclient"><b>obfsclient</b></a>
91) is a multi-transport pluggable transport proxy (like obfsproxy),
92) written in C++ that implements the client-side of <em>obfs2</em>,
93) <em>obfs3</em> and <em>scramblesuit</em>. It's used by
94) <a href="https://guardianproject.info/apps/orbot/">Orbot</a> on
95) Android because of the difficulties of using Python applications.
96) Maintained by Yawning Angel. <br>
97) </li> -->
98)
99) </ul>
100)
101) <hr>
102)
103) <h3>Deprecated PTs; Removed from Tor Browser</h3>
|
add breaks after h3 titles
Nima Fatemi authored 8 years ago
|
104) <br>
|
Various changes on Pluggabl...
Nima Fatemi authored 8 years ago
|
105) <ul>
106) <!-- TODO: add deprecation note for each PT -->
107) <li><a href="<page projects/obfsproxy>"><b>Obfsproxy</b></a> is a Python framework for implementing new
108) pluggable transports. It uses Twisted for its networking needs, and
109) <a href="https://gitweb.torproject.org/pluggable-transports/pyptlib.git/tree/README.rst">pyptlib</a>
110) for some pluggable transport-related features. It supports the
111) <a href="https://gitweb.torproject.org/pluggable-transports/obfsproxy.git/tree/doc/obfs2/obfs2-protocol-spec.txt">obfs2</a>
112) and
113) <a href="https://gitweb.torproject.org/pluggable-transports/obfsproxy.git/tree/doc/obfs3/obfs3-protocol-spec.txt">obfs3</a>
114) pluggable transports. Maintained by asn.
115) </li>
116)
117) <li><a href="https://crypto.stanford.edu/flashproxy/"><b>Flashproxy</b></a> turns ordinary web browsers into bridges using
118) websockets, and has a little python stub to hook Tor clients to the
119) websocket connection. See its
120) <a href="https://gitweb.torproject.org/flashproxy.git">git repository</a>,
121) and
122) <a href="https://crypto.stanford.edu/flashproxy/flashproxy.pdf">design paper</a>.
123) Maintained by David Fifield.
124) <!-- # <iframe src="//crypto.stanford.edu/flashproxy/embed.html" width="80" height="15" frameborder="0" scrolling="no"></iframe> -->
125) </li>
126)
127) </ul>
128)
129) <hr>
130)
131) <h3>Undeployed PTs</h3>
|
add breaks after h3 titles
Nima Fatemi authored 8 years ago
|
132) <br>
|
Various changes on Pluggabl...
Nima Fatemi authored 8 years ago
|
133) <!-- TODO: move this section to wiki -->
134) <!-- TODO: add snowflake -->
|
new page to keep track of o...
Roger Dingledine authored 12 years ago
|
135) <ul>
|
Add pyobfsproxy to the PT p...
George Kadianakis authored 12 years ago
|
136)
|
new page to keep track of o...
Roger Dingledine authored 12 years ago
|
137) <li><b>StegoTorus</b> is an Obfsproxy fork that extends it to a)
138) split Tor streams across multiple connections to avoid packet size
139) signatures, and b) embed the traffic flows in traces that look like
|
Capitalize some stuff
Sebastian Hahn authored 8 years ago
|
140) HTML, JavasCript, or PDF. See its
|
new page to keep track of o...
Roger Dingledine authored 12 years ago
|
141) <a href="https://gitweb.torproject.org/stegotorus.git">git repository</a>.
|
Add status information on t...
George Kadianakis authored 12 years ago
|
142) Maintained by Zack Weinberg. <br>
|
new page to keep track of o...
Roger Dingledine authored 12 years ago
|
143) </li>
144)
145) <li><b>SkypeMorph</b> transforms Tor traffic flows so they look like
146) Skype Video. See its
147) <a href="http://crysp.uwaterloo.ca/software/SkypeMorph-0.5.1.tar.gz">source code</a>
148) and
149) <a href="http://cacr.uwaterloo.ca/techreports/2012/cacr2012-08.pdf">design paper</a>.
|
Add status information on t...
George Kadianakis authored 12 years ago
|
150) Maintained by Ian Goldberg. <br>
|
new page to keep track of o...
Roger Dingledine authored 12 years ago
|
151) </li>
152)
153) <li><b>Dust</b> aims to provide a packet-based (rather than
154) connection-based) DPI-resistant protocol. See its
155) <a href="https://github.com/blanu/Dust">git repository</a>.
|
Add status information on t...
George Kadianakis authored 12 years ago
|
156) Maintained by Brandon Wiley. <br>
|
new page to keep track of o...
Roger Dingledine authored 12 years ago
|
157) </li>
158)
159) </ul>
|
Mention the PT wiki page in...
George Kadianakis authored 11 years ago
|
160)
161) <p> Also see the <emph>unofficial</emph> pluggable transports <a
162) href="https://trac.torproject.org/projects/tor/wiki/doc/PluggableTransports">wiki
163) page</a> for more pluggable transport information.</p>
164)
|
tell us about new pluggable...
Roger Dingledine authored 12 years ago
|
165) <hr>
166)
167) <p>
|
Various changes on Pluggabl...
Nima Fatemi authored 8 years ago
|
168) Our goal is to have a wide variety of Pluggable Transport designs.
|
tell us about new pluggable...
Roger Dingledine authored 12 years ago
|
169) Many are at the research phase now, so it's a perfect time to play
170) with them or suggest new designs. Please let us know if you find or
171) start other projects that could be useful for making Tor's traffic
172) flows more DPI-resistant!
173) </p>
|