Opened 6 years ago

Last modified 8 months ago

#10134 new task

Create bananaphone transport for obfsproxy

Reported by: asn Owned by:
Priority: Medium Milestone:
Component: Archived/Obfsproxy Version:
Severity: Normal Keywords:
Cc: dchasteen@… Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

david415 has started writing an obfsproxy module for bananaphone.

Code can be found here:
https://github.com/david415/obfsproxy
Discussion thread:
https://lists.torproject.org/pipermail/tor-dev/2013-November/005737.html

Child Tickets

Change History (15)

comment:1 Changed 6 years ago by asn

This will need a spec too (similar to obfs2 and obfs3)

comment:2 Changed 6 years ago by david

Cc: dchasteen@… added

The Bananaphone transport needs tor#10243 to be completed.

After that happens then we can test and then merge the Bananaphone transport.

Right now these tor#10243 related changes are here:
https://github.com/david415/obfsproxy/tree/david-bananaphone-public-options

Last edited 6 years ago by david (previous) (diff)

comment:3 Changed 6 years ago by asn

I commented on #10243.

Would you be interested in also writing a spec and threat model in the doc directory of obfsproxy? See how they look like for obfs3 and obfs2.

comment:4 Changed 6 years ago by david

ok i'll take a look

comment:5 Changed 6 years ago by asn

#10243 got merged! Which branch of yours should I be looking at for the bananaphone code?

Would you consider it's ready for review?

comment:6 Changed 6 years ago by david

Not yet. Almost. I just found a bug...

Last edited 6 years ago by david (previous) (diff)

comment:7 Changed 6 years ago by david

Fixed.
Now available for review.

https://github.com/david415/obfsproxy/commits/david-bananaphone

The client side is now using handle_socks_args
to retrieve the transport options from tor.

Removed all default transport options except abridged which defaults to false.
All transport options are required... like this:

My client side torrc has a bridge line like this:
Bridge bananaphone x.x.x.x:21172 modelName=markov corpus=/opt/bananaphone-corpora/pg29468.txt encodingSpec=words,sha1,4 order=1

And on the bridge torrc I've got this transport options line:
ServerTransportOptions bananaphone modelName=markov corpus=/opt/bananaphone-corpora/pg29468.txt encodingSpec=words,sha1,4 order=1

comment:8 Changed 6 years ago by asn

Hi,

the branch at https://github.com/david415/obfsproxy/commits/david-bananaphone is quite messy. At some point obfsproxy master is merged on top of it (5973e22d333a972b), and it also contains personal merge commits (e.g. 3a1ba23a862ca). It also doesn't apply cleanly on top of the current master.

Can you make a new clean branch (based on obfsproxy's master) and perform your changes on top?

(In the meanwhile, I will review the code.)

comment:9 Changed 6 years ago by asn

Your branch also contains many many changes that were either reverted or replaced with different changes afterwards.

comment:10 Changed 6 years ago by asn

(Sorry for the message spam)

It would also be nice if you could document bananaphone's options. For example, what does abridged and order means? Maybe you could add some default help strings in register_external_mode_cli()?

Also, maybe we should remove all the unused code from bananaphone.py? Like the hammertime stuff and main()? BTW, I liked how you introduced Leif's code intact and then changed it; makes it easier to keep track of changes.

comment:11 Changed 6 years ago by asn

Also also, would it be unreasonable to ask for some core-bananaphone unit tests?

I realize that the probabilistic nature of bananaphone makes it hard to unit test, but maybe we can make it more deterministic by providing our own corpus and randomness (just for the unittest).

The bananaphone.py codebase is big and complex enough to benefit from some testing.

comment:12 Changed 5 years ago by asn

Hello,

I say we revisit this ticket. Bananaphone would be fun to have in obfsproxy, even without robust unittests (bananaphone breaking shouldn't cause any breakage in the other transports anyway).

I tried to rebase the latest branch to the current master but it failed. I also tried to run the instructions from http://bananaphone.io but they failed with an assert error when started up in external mode.

If we can get bananaphone rebased and running both in external and in managed mode, I will merge it.
Also, what should we do with the corpus? Should we include one in obfsrpoxy? That might increase obfsproxy's size more than we are comfortable with?

comment:13 Changed 23 months ago by teor

Severity: Normal

Set all open tickets without a severity to "Normal"

comment:14 Changed 9 months ago by teor

Owner: asn deleted
Status: newassigned

asn does not need to own any obfuscation tickets any more. Default owners are trouble.

comment:15 Changed 8 months ago by cohosh

Status: assignednew

tickets are unassigned, reverting to 'new'

Note: See TracTickets for help on using tickets.