Opened 5 years ago

Last modified 21 months ago

#17315 new defect

explain replay prevention in obfs4 spec

Reported by: arma Owned by:
Priority: Medium Milestone:
Component: Circumvention/Pluggable transport Version:
Severity: Normal Keywords:
Cc: phw, yawning Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


phw informs me that obfs4 does indeed have replay prevention (where if you record the client traffic and send it again, you don't get to learn if it's an obfs4 bridge). But when I look at
then the word 'replay' doesn't show up.

How does the protection work? Should it be in the spec?

Child Tickets

Change History (5)

comment:1 Changed 5 years ago by arma

Cc: phw yawning added

comment:2 Changed 5 years ago by yawning

I wasn't going to specify how it was implemented...

                if hmac.Equal(macCmp, macRx) {
                        // Ensure that this handshake has not been seen previously.
                        if filter.TestAndSet(time.Now(), macRx) {
                                // The client either happened to generate exactly the same
                                // session key and padding, or someone is replaying a previous
                                // handshake.  In either case, fuck them.
                                return nil, ErrReplayedHandshake

                        macFound = true
                        hs.epochHour = epochHour

                        // We could break out here, but in the name of reducing timing
                        // variation, evaluate all 3 MACs.

comment:3 Changed 3 years ago by teor

Severity: Normal

Set all open tickets without a severity to "Normal"

comment:4 Changed 21 months ago by teor

Owner: asn deleted
Status: newassigned

asn does not need to own any obfuscation tickets any more. Default owners are trouble.

comment:5 Changed 21 months ago by cohosh

Status: assignednew

tickets were assigned to asn, setting them as unassigned (new) again.

Note: See TracTickets for help on using tickets.