-
- Downloads
Change how the length obfsucation mask is derived.
Instead of using the nonce for the secret box, just use SipHash-2-4 in OFB mode instead. The IV is generated as part of the KDF. This simplifies the code a decent amount and also is better on the off chance that SipHash-2-4 does not avalanche as well as it is currently assumed. While here, also decouple the fact that *this implementation* of obfs4 uses a PRNG with 24 bytes of internal state for protocol polymorphism instead of 32 bytes (that the spec requires). THIS CHANGE BREAKS WIRE PROTCOL COMPATIBILITY.
Showing
- doc/obfs4-spec.txt 18 additions, 10 deletionsdoc/obfs4-spec.txt
- drbg/hash_drbg.go 7 additions, 5 deletionsdrbg/hash_drbg.go
- framing/framing.go 23 additions, 15 deletionsframing/framing.go
- obfs4.go 10 additions, 2 deletionsobfs4.go
- obfs4proxy/obfs4proxy.go 7 additions, 4 deletionsobfs4proxy/obfs4proxy.go
- packet.go 1 addition, 1 deletionpacket.go
Loading
Please register or sign in to comment