[tor-bugs] #13878 [GetTor]: Use encryption to circumvent deep packet inspection and cloud service awareness

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Dec 2 14:13:58 UTC 2014 

#13878: Use encryption to circumvent deep packet inspection and cloud service
awareness
-------------------------------------+-------------------------
 Reporter:  samurailink3             |          Owner:  sukhbir
     Type:  enhancement              |         Status:  new
 Priority:  normal                   |      Milestone:
Component:  GetTor                   |        Version:
 Keywords:  encryption 7zip evasion  |  Actual Points:
Parent ID:                           |         Points:
-------------------------------------+-------------------------
 '''Summary'''

 Some cloud services that are friendly with government regimes may delete
 Tor installer files/accounts or block downloads in that area. To keep Tor
 installers/bundles obfuscated, emails should link to encrypted 7-zip
 archives and provide the password in the body of the email.

 The purpose is not to hide data, but to circumvent protection measures
 based on file hashes. Making each bundle 'unique' from a file hash
 standpoint increases the likelihood that the files will reach their
 intended recipient.

 '''Technical Details'''

 7zip allows for very easy decryption on Windows platforms via creating an
 archive as an EXE. The password can be included in the email, as the only
 objective is to evade signature detection, not actually protect the
 contents of the attachments.

 On Linux platforms, the archive can be a .tar.gz, .7z, or any other common
 archive format, but in encrypted format. Most distributions have a GUI
 component to extract encrypted archives.

 Encryption should be done on-the-fly for each request, as governments or
 cooperative cloud providers will just start blocking the new hash.
 Changing the encryption password for each request will effectively disable
 file hash detection and blocking systems. This can be scripted into the
 existing gettor system.

 7zip doesn't have to be the chosen encryption method, just the first open
 source, easy-to-use utility that came to mind.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13878>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list