Skip to content
Snippets Groups Projects
Select Git revision
  • experimental
  • main default protected
2 results
Search by author
  • Any Author
  • Kali Kaneko Kali Kaneko kali
  • Max B Max B maxb
  • Pea Nut Pea Nut peanut2
  • atanarjuat tfr atanarjuat tfr atanarjuat
  • cyberta cyberta cyberta
  • jkito jkito jkito
  • kwadronaut kwadronaut kwadronaut
  • leap-code-o-matic leap-code-o-matic leap-code-o-matic
  • mcy100 mcy100 mcnair
  • micah micah micah
  • power puffin power puffin powerpuffin
  • sgk sgk sgk
  • tomm turbo tommturbo
13 authors
  1. Sep 24, 2014
  3. Sep 06, 2014
  5. Aug 27, 2014
    • Yawning Angel's avatar
      Change the TYPE_PRNG_SEED length to 24. · 94d3fe9a
      Yawning Angel authored 
      This matches what the code actually sends.  It's shorter than the
ScrambleSuit PRNG seed, but that's because the SipHash-2-4 based
Hash_DRBG has 24 bytes of internal state (key + initial output).
      94d3fe9a
  7. Jun 02, 2014
    • Yawning Angel's avatar
      Change how the length obfsucation mask is derived. · 5bdc376e
      Yawning Angel authored 
      Instead of using the nonce for the secret box, just use SipHash-2-4 in
OFB mode instead.  The IV is generated as part of the KDF.  This
simplifies the code a decent amount and also is better on the off
chance that SipHash-2-4 does not avalanche as well as it is currently
assumed.

While here, also decouple the fact that *this implementation* of obfs4
uses a PRNG with 24 bytes of internal state for protocol polymorphism
instead of 32 bytes (that the spec requires).

THIS CHANGE BREAKS WIRE PROTCOL COMPATIBILITY.
      5bdc376e
  9. May 23, 2014
  11. May 21, 2014
  13. May 17, 2014
  15. May 16, 2014