Re: [tor-dev] obfsproxy buffering

2013-11-18 Thread David Stainton
Yeah... you are right! Thanks for the clarification. I've been meaning to read the Stegotorus paper soon.
Cheers!
David
On Mon, Nov 18, 2013 at 9:24 AM, Zack Weinberg wrote:
> On Mon, Nov 18, 2013 at 10:47 AM, David Stainton wrote:
>>> Super-simple framing protocols often fall victim to at

Re: [tor-dev] obfsproxy buffering

2013-11-18 Thread Zack Weinberg
On Mon, Nov 18, 2013 at 10:47 AM, David Stainton wrote:
>> Super-simple framing protocols often fall victim to attacks in which the
>> adversary messes with the length in the frame header. See, for example,
>> "Plaintext Recovery Attacks Against SSH":
>> http://www.isg.rhul.ac.uk/~kp/SandPfinal.p

Re: [tor-dev] obfsproxy buffering

2013-11-18 Thread David Stainton
>> It seems like the solution is to write a super simple "framing
>> protocol"... which is to say that I can first send a frame length; and
>> on the receiving end simply read until frame length worth of data is
>> consumed... and then apply the crypto_stream cipher on that frame with
>> the correc

Re: [tor-dev] obfsproxy buffering

2013-11-18 Thread David Stainton
> Super-simple framing protocols often fall victim to attacks in which the
> adversary messes with the length in the frame header. See, for example,
> "Plaintext Recovery Attacks Against SSH":
> http://www.isg.rhul.ac.uk/~kp/SandPfinal.pdf
>
> So be careful here.
>
>- Ian
Over Tor it won't be

Re: [tor-dev] obfsproxy buffering

2013-11-18 Thread Ian Goldberg
On Sun, Nov 17, 2013 at 07:33:12PM -0800, David Stainton wrote:
> Hi,
>
> I noticed that because the obfsproxy API can sometimes buffer and
> resend smaller chunks of data, my simple use of NaCl stream_crypto to
> wrap each incoming data buffer will not work... that is because the
> client and se

Re: [tor-dev] obfsproxy buffering

2013-11-18 Thread Philipp Winter
On Sun, Nov 17, 2013 at 07:33:12PM -0800, David Stainton wrote:
> It seems like the solution is to write a super simple "framing
> protocol"... which is to say that I can first send a frame length; and
> on the receiving end simply read until frame length worth of data is
> consumed... and then app

[tor-dev] obfsproxy buffering

2013-11-17 Thread David Stainton
Hi, I noticed that because the obfsproxy API can sometimes buffer and resend smaller chunks of data, my simple use of NaCl stream_crypto to wrap each incoming data buffer will not work... that is because the client and server must keep synchronized nonce counters for the decrypt/encrypt to work..