Drop 'Make Stegotorus deployment ready' project idea
Damian Johnson

Damian Johnson commited on 2017-02-05 01:12:04
Zeige 1 geänderte Dateien mit 0 Einfügungen und 138 Löschungen.


Didn't hear back from vmon.
... ...
@@ -931,144 +931,6 @@ ideas.
931 931
     </p>
932 932
     </li>
933 933
 
934
-    <a id="stegotorus"></a>
935
-    <li>
936
-    <b>Make Stegotorus deployment ready</b>
937
-    <br>
938
-    Language: <i>C++</i>
939
-    <br>
940
-    Likely Mentors: <i>vmon</i>
941
-    <br><br>
942
-    <p>
943
-    <a
944
-    href="https://github.com/TheTorProject/stegotorus/tree/master/src">Stegotorus</a>
945
-    is a PT framework which streamline the development stealthier pluggable
946
-    transport. An HTTP pluggable transport is already implemented in Stegotorus
947
-    framework and can be used when encrypted payloads are throttled and only
948
-    ephemeral connections are tolerated.
949
-    </p>
950
-
951
-    <p>
952
-    The majority of work on Stegotorus is done and it can be deployed with a relatively minor improvements including:
953
-    </p>
954
-
955
-    <ul>
956
-      <li><b>#8098 A config file file for Stegotorus</b>
957
-        <p>
958
-        Stegotorus needs many configuration settings specially on the bridge
959
-        side. This include also the configuration required by each steg module.
960
-        Currently the configuration is fed to Stegotorus as command line
961
-        arguments but a file like torrc is needed so all tweaking can be read
962
-        from there.
963
-        </p>
964
-
965
-        <p><i>
966
-        Current Status and work needed to be done: The code for reading the
967
-        config file is written by SRI but it is not yet used in the Stegotorus
968
-        to read the config.
969
-        </i></p>
970
-      </li>
971
-
972
-      <li><b>#8101 Debugging the transparent proxy</b>
973
-        <p>
974
-        Stegotorus http module uses other websites payload to hide and serve
975
-        censored traffic. As such it needs to decide if the request is
976
-        genuinely to the auxiliary website, in that case becomes a transparent
977
-        proxy and serves the website content as requested, or if the request is
978
-        actually a request to serve censored material which should be delivered
979
-        to steg modules.
980
-        </p>
981
-
982
-        <p><i>
983
-        Current Status: This is completely implemented. However, the transparent proxy sometimes crashes and need to be triaged, debugged and fixed.
984
-        </i></p>
985
-      </li>
986
-
987
-      <li><b>#11337 refactoring the steg module code</b>
988
-        <p>
989
-        The http steg module code, although not essentials to the core of the
990
-        Stegotorus. needs some improvement and clean up. The solution is to
991
-        refactor the steg modules as children of FileStegMod.
992
-        </p>
993
-
994
-        <p><i>
995
-        Current status and work needed to be done: This has already been done
996
-        but still needs testing and refactoring before it can be reliably merge
997
-        to the master branch.
998
-        </i></p>
999
-      </li>
1000
-
1001
-      <li><b>#8089 Adding Elligator to Stegotorus handshake and test</b>
1002
-        <p>
1003
-        The current Stegotorus handshake is distinguishable from random byte
1004
-        string, which can be used to flag and detect Stegotorus traffic
1005
-        deterministically and need to be implemented similar to
1006
-        ScrambleSuite. Also because the capacity of client to server channel
1007
-        might be slim depending on the choice of steg module it is desirable
1008
-        to be implemented using Elliptic curve crypto. Hence, Elligator
1009
-        protocol is ideal solution for this situation. All we need is to replace Stegotorus handshake by Elligator.
1010
-        </p>
1011
-
1012
-        <p><i>
1013
-        Current Status and work needed to be done: Elligator handshake code is
1014
-        included in stegotorus code base, it is only needed to be called by
1015
-        instead of the current handshake and be tested.
1016
-        </i></p>
1017
-      </li>
1018
-
1019
-      <li><b>Make Stegotorus memory safe by using shared pointers</b>
1020
-        <p>
1021
-        Stegotorus has large code base and it is not written in a memory safe
1022
-        languages. To facilitate its audit, we need to replace (almost all) use
1023
-        of pointers to shared pointers.
1024
-        </p>
1025
-
1026
-        <p><i>
1027
-        Current Status: No progress has not been done.
1028
-        </i></p>
1029
-      </li>
1030
-
1031
-      <li><b>Security Audit and writing more unit test</b>
1032
-        <p>
1033
-        To be able to deploy Stegotorus for real world use we need to audit the
1034
-        code and write more unit test covering new aspects of the Stegotorus
1035
-        (new http transport, proxy server, Elligator handshake)
1036
-        </p>
1037
-
1038
-        <p><i>
1039
-        Current Status: No progress has been done.
1040
-        </i></p>
1041
-      </li>
1042
-
1043
-      <li><b>SRI branch merging</b>
1044
-        <p>
1045
-        Stegotorus has been forked from the initial development from SRI. Now
1046
-        that SRI is hosting Stegotorus publicly it is desirable to merge the
1047
-        two branches so we can benefit from both developments.
1048
-        </p>
1049
-
1050
-        <p><i>
1051
-        Current Status: No progress has been done.
1052
-        </i></p>
1053
-      </li>
1054
-
1055
-      <li><b>#8099 deterministic build</b>
1056
-        <p>
1057
-        To make deterministic build possible we need to build many of
1058
-        Stegotorus dependency from scratch. Boost library is a a huge
1059
-        dependency for Stegotorus to access the file system. As we are only
1060
-        planning to deploy Stegotorus bridges on Linux machines we can simplify
1061
-        such access without that dependency. By dropping such dependency, it
1062
-        should be straight forward to have deterministic build for Stegotorus.
1063
-        </p>
1064
-
1065
-        <p><i>
1066
-        Current Status: No progress has been done.
1067
-        </i></p>
1068
-      </li>
1069
-    </ul>
1070
-    </li>
1071
-
1072 934
     <a id="letsEncryptClient"></a>
1073 935
     <li>
1074 936
     <b>Expand the OS and Server Support of the Let's Encrypt Client</b>
1075 937