Opened 4 years ago

Last modified 8 months ago

#13878 new enhancement

Use encryption to circumvent deep packet inspection and cloud service awareness

Reported by: samurailink3
Owned by: sukhbir
Priority: Medium
Milestone:
Component: Applications/GetTor
Version:
Severity: Normal
Keywords: encryption 7zip evasion
Cc: ilv@…
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

Summary

Some cloud services that are friendly with government regimes may delete Tor installer files/accounts or block downloads in that area. To keep Tor installers/bundles obfuscated, emails should link to encrypted 7-zip archives and provide the password in the body of the email.

The purpose is not to hide data, but to circumvent protection measures based on file hashes. Making each bundle 'unique' from a file hash standpoint increases the likelihood that the files will reach their intended recipient.

Technical Details

7zip allows for very easy decryption on Windows platforms via creating an archive as an EXE. The password can be included in the email, as the only objective is to evade signature detection, not actually protect the contents of the attachments.

On Linux platforms, the archive can be a .tar.gz, .7z, or any other common archive format, but in encrypted format. Most distributions have a GUI component to extract encrypted archives.

Encryption should be done on-the-fly for each request, as governments or cooperative cloud providers will just start blocking the new hash. Changing the encryption password for each request will effectively disable file hash detection and blocking systems. This can be scripted into the existing gettor system.

7zip doesn't have to be the chosen encryption method, just the first open source, easy-to-use utility that came to mind.
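The per-request encryption described in this ticket, sketched as an added example that is not part of the ticket or of GetTor's code: the same bundle wrapped under two fresh passwords yields two unrelated wrapper hashes, so the recipient has to check the decrypted file against a known-good digest instead. The function names, the constructed installer bytes, and the SHAKE-256 keystream (a stand-in for 7-Zip's AES-256) are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def _keystream_xor(data: bytes, key: bytes, nonce: bytes) -> bytes:
    # Toy stream cipher: SHAKE-256 keystream standing in for 7-Zip's AES-256.
    stream = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def _derive_key(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def wrap(payload: bytes) -> tuple[bytes, str]:
    """Encrypt payload under a fresh random password; return (blob, password)."""
    password = secrets.token_urlsafe(16)   # sent in the e-mail body
    salt, nonce = secrets.token_bytes(16), secrets.token_bytes(16)
    body = _keystream_xor(payload, _derive_key(password, salt), nonce)
    return salt + nonce + body, password

def unwrap(blob: bytes, password: str) -> bytes:
    salt, nonce, body = blob[:16], blob[16:32], blob[32:]
    return _keystream_xor(body, _derive_key(password, salt), nonce)

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def verify_inner(blob: bytes, password: str, expected_sha256: str) -> bool:
    """Recipient-side check: the wrapper hash is meaningless, so decrypt
    and compare the inner file's digest with the published one."""
    return hmac.compare_digest(sha256_hex(unwrap(blob, password)), expected_sha256)

# Constructed sample data: stand-in for an installer bundle and its published digest.
INSTALLER = b"constructed stand-in for an installer bundle\n" * 64
PUBLISHED_SHA256 = sha256_hex(INSTALLER)

def demo() -> dict:
    blob_a, pw_a = wrap(INSTALLER)   # request 1
    blob_b, pw_b = wrap(INSTALLER)   # request 2, same bundle
    return {
        "wrappers_differ": sha256_hex(blob_a) != sha256_hex(blob_b),
        "wrapper_matches_published": sha256_hex(blob_a) == PUBLISHED_SHA256,
        "inner_verifies": verify_inner(blob_a, pw_a, PUBLISHED_SHA256)
        and verify_inner(blob_b, pw_b, PUBLISHED_SHA256),
        "wrong_password_verifies": verify_inner(blob_a, pw_b, PUBLISHED_SHA256),
    }

if __name__ == "__main__":
    print(demo())
```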

Change History (4)

comment:1 Changed 4 years ago by ilv

Thanks for the suggestion. It's a good idea, but from what I understand, it will require uploading the bundles on each request, something that is not contemplated in the design of the current GetTor, and I don't think it will be in the near future. Do you have information about actual governments or cloud services doing this?

comment:2 Changed 4 years ago by ilv

Cc: ilv@… added

comment:3 Changed 4 years ago by samurailink3

I don't have any information on governments blocking files based on hash values, but Dropbox has done this with copyrighted files in the past to prevent sharing (http://techcrunch.com/2014/03/30/how-dropbox-knows-when-youre-sharing-copyrighted-stuff-without-actually-looking-at-your-stuff/). I fully admit this is not a problem currently, but it would be a decent feature to, at least, keep in mind if the project starts running into this problem.

I don't imagine that Dropbox or Google Drive would go against the Tor project unless forced to by governmental authorities, but it is a real possibility for a concerned regime that has a history of filtering the internet (China, Iran, etc.).

comment:4 Changed 8 months ago by teor

Severity: Normal

Set all open tickets without a severity to "Normal"
