-
- Downloads
Add replay detection to handshakes.
This is done by maintaining a map keyed off the SipHash-2-4 digest of the MAC_C component of the handshake. Collisions, while possible are unlikely in the extreme and are thus treated as replays. In concept this is fairly similar to the ScrambleSuit `replay.py` code, with a few modifications: * There is a upper bound on how large the replay filter can grow. Currently this is set to 102400 entries, though it is unlikely that this limit will be hit. * A doubly linked list is also maintained parallel to the map, so the filter compaction process does not need to iterate over the entire filter.
Showing
- handshake_ntor.go 16 additions, 6 deletionshandshake_ntor.go
- handshake_ntor_test.go 2 additions, 1 deletionhandshake_ntor_test.go
- obfs4.go 8 additions, 1 deletionobfs4.go
- replay_filter.go 138 additions, 0 deletionsreplay_filter.go
- replay_filter_test.go 92 additions, 0 deletionsreplay_filter_test.go
Loading
Please register or sign in to comment