Obfuscated TCP


Obfuscated TCP (ObsTCP) was a proposal for a transport layer protocol that implements opportunistic encryption over TCP. It was designed to prevent mass wiretapping and malicious corruption of TCP traffic on the internet, with lower implementation cost and complexity than TLS. In August 2008, the IETF rejected the proposal for a TCP option, suggesting that it be done at the application layer instead.[1] The project has been inactive since a few months later.

In June 2010, a separate proposal called tcpcrypt was submitted, which shares many of the goals of ObsTCP: being transparent to applications, opportunistic and low overhead. It requires even less configuration (no DNS entries or HTTP headers). Unlike ObsTCP, tcpcrypt also provides primitives to the application for implementing authentication and preventing man-in-the-middle attacks.[2]


Historical origin

ObsTCP was created by Adam Langley, a former Maths and Computing student and systems administrator at Imperial College London, currently an employee of Google in California.[3][4] The concept of obfuscating TCP communications using opportunistic encryption evolved through several iterations. The experimental iterations of ObsTCP used TCP options in 'SYN' packets to advertise support for ObsTCP, with the server responding with a public key in the 'SYNACK'. An IETF draft protocol was first published in July 2008. Packets were encrypted with Salsa20/8[5] and signed with MD5 checksums.[6]

The present (third) iteration uses special DNS records (or out of band methods) to advertise support and keys, without modifying the operation of the underlying TCP protocol.[7]

Encryption Features

ObsTCP is a low-cost protocol intended to protect TCP traffic without requiring public key certificates, the services of Certificate Authorities, or a complex Public Key Infrastructure. It is intended to suppress the use of undirected surveillance to trawl unencrypted traffic, rather than to protect against man-in-the-middle attacks.

The software presently supports the Salsa20/8[5] stream cipher and the Curve25519[8] elliptic-curve Diffie-Hellman function.

Comparison with TLS/SSL/HTTPS

Feature                  | ObsTCP                                                                                             | SSL/TLS/HTTPS
Public Key Infrastructure | Does not require a signed public key certificate                                                  | Requires that a signed public key certificate is purchased (or a self-signed certificate is used)
Web Browser Support       | Patched versions of Firefox available[9]                                                          | Widely supported by all popular web browsers
Web Server Support        | Requires patches/server upgrades for lighttpd and Apache[10]                                      | Widely supported by popular web servers
Network Latency           | No additional round trips per connection (though a DNS lookup may be required to obtain the key advertisement) | One or two additional round trips per connection
Encryption Speed          | Very fast cryptography                                                                            | Slower
TCP Port                  | Can use any TCP port                                                                              | Typically uses port 443
Security Characteristics  | Does not resist some man-in-the-middle attacks                                                    | Resists man-in-the-middle attacks

Internet Protocol Security (IPsec), the protocol for IP encryption and authentication, forms an integral part of the base protocol suite in IPv6. IPsec support is mandatory in IPv6; this is unlike IPv4, where it is optional.

Connection establishment

A server using ObsTCP advertises a public key and a port number.

A DNS 'A record' may be used to advertise server support for ObsTCP (with a DNS 'CNAME record' providing a 'friendly' name). HTTP header records or cached/out-of-band keyset information may be used instead.

A client connecting to an ObsTCP server parses the DNS entries, uses HTTP header records, or uses cached/out-of-band data to obtain the public key and port number, then connects to the server and encrypts the traffic.
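The exchange described above, modelled in Python as an added example (not code from the ObsTCP project): the server's Curve25519 public key and port stand in for the DNS or HTTP advertisement, the client derives the session secret from them or falls back to plain TCP when no advertisement exists, and the pure-Python X25519 routine, the `keypair`/`client_connect`/`server_accept` names and the sample port are all assumptions of the example. Nothing in the advertisement is authenticated, which is why the page lists man-in-the-middle attacks as a weakness.

```python
import os

# Pure-Python X25519 (RFC 7748 Montgomery ladder) to model ObsTCP key agreement; an added example, not ObsTCP's code.
P = 2**255 - 19
A24 = 121665
BASEPOINT = (9).to_bytes(32, "little")

def _clamp(k: bytes) -> int:
    """Decode a 32-byte private scalar with the usual Curve25519 clamping."""
    k = bytearray(k)
    k[0] &= 248
    k[31] = (k[31] & 127) | 64
    return int.from_bytes(k, "little")

def x25519(private: bytes, point: bytes) -> bytes:
    """Scalar multiplication private * point; both arguments are 32 bytes, little-endian."""
    k = _clamp(private)
    x1 = int.from_bytes(point, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        if swap:  # conditional swap; a production implementation does this in constant time
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def keypair():
    priv = os.urandom(32)  # fresh Curve25519 key: (private scalar, public point)
    return priv, x25519(priv, BASEPOINT)

def client_connect(advert, client_priv):
    """Client side. `advert` is the advertised (server public key, port) pair from DNS or an
    HTTP header; None means nothing was advertised, so the opportunistic client falls back to plain TCP."""
    if advert is None:
        return None
    server_pub, port = advert
    return port, x25519(client_priv, server_pub)  # port to connect to, session secret for the stream cipher

def server_accept(server_priv, client_pub):
    return x25519(server_priv, client_pub)  # server derives the same secret from the client's public key
```

The session secret would key the Salsa20/8 stream cipher the page mentions; a network position between the client and the key advertisement can substitute its own public key here, which is the attack the protocol does not resist.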

Weaknesses

ObsTCP is vulnerable to a number of man-in-the-middle attacks.[citation needed]

See also

References


Wikimedia Foundation. 2010.


