[tor-dev] Collecting data to demonstrate TCP ISN-based port knocking

Julian Kirsch kirschju at sec.in.tum.de
Wed May 14 22:22:40 UTC 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi all,

some of you might remember a project called "Knock", which implements
a variant of port-knocking in the Linux kernel that can be used to
check the authenticity of arbitrary TCP connections and even can do
integrity checking of the TCP payload by using a pre-shared key. Knock
started as a student project which was presented during the Tor
developer meeting at Technische Universität München last July. This
was also where Jake added his two cents to help the project to move on.

We still hope that Knock will be eventually useful for Tor (think:
bridges), but could use your help to collect data to help convince the
Linux people to adopt the latest patch.

As Knock uses two fields in the TCP header in order to hide information
and we explicitly want to be compatible with machines sitting in
typical home networks, we need to make sure that this information
doesn't get corrupted by the majority of NAT boxes out there. We thus
created a program which tests if Knock would work in your environment.
It would be great if some of you were able to execute the program on
your machines in order to help us to get an estimation of if Knock one
day could be used in a large scale.

You can find sources, binaries and a more elaborate description here:
https://gnunet.org/knock_nat_tester
Technical details about Knock and a (somewhat outdated) research paper
as well as kernel patches are provided here:
https://gnunet.org/knock

Best,
Julian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJTc+ytAAoJENwkOWttRRA4X/MH/3rDq/szoRTxQDNa8TlBQqNv
3Lcsze55XTpaYY2k9gwK5lKUXar4Ngy6v4i+SOjSrC/gZur5j/g/8LhKy5XdvHdl
zXXV2+3ubkK+lWzOq0JP3rJ8lKDAW3Lor0EnVEmZv45+fpgQIbyTKvmEUaiU0l5l
A10wDsXjvWTApl+S52pga2qK0g397hn+Y99843PRl8KSxpFDP0t4vTBYBZmLYbMT
o7rfoe5BiUtogAgvLdlJ4GlQUrHiH4s6QyQb5/obcGBaN1V8ydkjH0pw6yHR4PTD
D5IB7ZYadwi+9k1UyQbAwTCs9+6omiPzN0ugeTdcffzQio2eZUzPOQPyS9vRPwM=
=gXcK
-----END PGP SIGNATURE-----


More information about the tor-dev mailing list