tor-webwml.git

@@ -1527,6 +1527,144 @@ implementation.

     </p>

     </li>

+    <a id="stegotorus"></a>

+    <li>

+    <b>Make Stegotorus deployment ready</b>

+    <br>

+    Language: <i>C++</i>

+    <br>

+    Likely Mentors: <i>vmon</i>

+    <br><br>

+    <p>

+    <a

+    href="https://github.com/TheTorProject/stegotorus/tree/master/src">Stegotorus</a>

+    is a PT framework which streamline the development stealthier pluggable

+    transport. An HTTP pluggable transport is already implemented in Stegotorus

+    framework and can be used when encrypted payloads are throttled and only

+    ephemeral connections are tolerated.

+    </p>

+

+    <p>

+    The majority of work on Stegotorus is done and it can be deployed with a relatively minor improvements including:

+    </p>

+

+    <ul>

+      <li><b>#8098 A config file file for Stegotorus</b>

+        <p>

+        Stegotorus needs many configuration settings specially on the bridge

+        side. This include also the configuration required by each steg module.

+        Currently the configuration is fed to Stegotorus as command line

+        arguments but a file like torrc is needed so all tweaking can be read

+        from there.

+        </p>

+

+        <p><i>

+        Current Status and work needed to be done: The code for reading the

+        config file is written by SRI but it is not yet used in the Stegotorus

+        to read the config.

+        </i></p>

+      </li>

+

+      <li><b>#8101 Debugging the transparent proxy</b>

+        <p>

+        Stegotorus http module uses other websites payload to hide and serve

+        censored traffic. As such it needs to decide if the request is

+        genuinely to the auxiliary website, in that case becomes a transparent

+        proxy and serves the website content as requested, or if the request is

+        actually a request to serve censored material which should be delivered

+        to steg modules.

+        </p>

+

+        <p><i>

+        Current Status: This is completely implemented. However, the transparent proxy sometimes crashes and need to be triaged, debugged and fixed.

+        </i></p>

+      </li>

+

+      <li><b>#11337 refactoring the steg module code</b>

+        <p>

+        The http steg module code, although not essentials to the core of the

+        Stegotorus. needs some improvement and clean up. The solution is to

+        refactor the steg modules as children of FileStegMod.

+        </p>

+

+        <p><i>

+        Current status and work needed to be done: This has already been done

+        but still needs testing and refactoring before it can be reliably merge

+        to the master branch.

+        </i></p>

+      </li>

+

+      <li><b>#8089 Adding Elligator to Stegotorus handshake and test</b>

+        <p>

+        The current Stegotorus handshake is distinguishable from random byte

+        string, which can be used to flag and detect Stegotorus traffic

+        deterministically and need to be implemented similar to

+        ScrambleSuite. Also because the capacity of client to server channel

+        might be slim depending on the choice of steg module it is desirable

+        to be implemented using Elliptic curve crypto. Hence, Elligator

+        protocol is ideal solution for this situation. All we need is to replace Stegotorus handshake by Elligator.

+        </p>

+

+        <p><i>

+        Current Status and work needed to be done: Elligator handshake code is

+        included in stegotorus code base, it is only needed to be called by

+        instead of the current handshake and be tested.

+        </i></p>

+      </li>

+

+      <li><b>Make Stegotorus memory safe by using shared pointers</b>

+        <p>

+        Stegotorus has large code base and it is not written in a memory safe

+        languages. To facilitate its audit, we need to replace (almost all) use

+        of pointers to shared pointers.

+        </p>

+

+        <p><i>

+        Current Status: No progress has not been done.

+        </i></p>

+      </li>

+

+      <li><b>Security Audit and writing more unit test</b>

+        <p>

+        To be able to deploy Stegotorus for real world use we need to audit the

+        code and write more unit test covering new aspects of the Stegotorus

+        (new http transport, proxy server, Elligator handshake)

+        </p>

+

+        <p><i>

+        Current Status: No progress has been done.

+        </i></p>

+      </li>

+

+      <li><b>SRI branch merging</b>

+        <p>

+        Stegotorus has been forked from the initial development from SRI. Now

+        that SRI is hosting Stegotorus publicly it is desirable to merge the

+        two branches so we can benefit from both developments.

+        </p>

+

+        <p><i>

+        Current Status: No progress has been done.

+        </i></p>

+      </li>

+

+      <li><b>#8099 deterministic build</b>

+        <p>

+        To make deterministic build possible we need to build many of

+        Stegotorus dependency from scratch. Boost library is a a huge

+        dependency for Stegotorus to access the file system. As we are only

+        planning to deploy Stegotorus bridges on Linux machines we can simplify

+        such access without that dependency. By dropping such dependency, it

+        should be straight forward to have deterministic build for Stegotorus.

+        </p>

+

+        <p><i>

+        Current Status: No progress has been done.

+        </i></p>

+      </li>

+    </ul>

+    </li>

+

 <!--

     <a id=""></a>

     <li>