[tor-relays] obfs3 a risk to scramblesuit?

Philipp Winter phw at nymity.ch
Fri Feb 14 09:43:36 UTC 2014


On Fri, Feb 14, 2014 at 01:27:32AM +0000, Delton Barnes wrote:
> I am running a bridge with both obfs3 and scramblesuit.  obfs3 is
> vulnerable to active probing.  Say someone in China makes the mistake of
> connecting with obfs3 instead of scramblesuit, and active probing
> identifies it as a Tor bridge.  Wouldn't the bridge IP address then be
> blacklisted, making it impossible for other people to connect even with
> scramblesuit?  Would it make sense, then, as a bridge operator to elect
> to only support scramblesuit, even though no one will use it for a
> while?  It seems you are only as good as your weakest transport.

That's a good point.  When the GFW blocks a bridge, it typically does so by
blocking an IP:port tuple -- probably in an attempt to minimise collateral
damage [1].  Right now, that would save ScrambleSuit from an obfs3 instance on
the same machine getting blocked. However, the GFW could be easily extended to
scan ports on the same machine and look for other bridges.  Active probing
protection is not very useful if a censor strongly suspects your bridge to run
another protocol.

Note that you run into the same problem when you have a relay and a bridge on
the same machine.  The relay is public and nothing prevents a censor from
figuring out if there are bridges on the same machine.

So you are right, only running ScrambleSuit gives your bridge more protection
than running other protocols at the same time -- at the cost of attracting fewer
users, however.

[1] https://www.usenix.org/system/files/conference/foci12/foci12-final2.pdf

Cheers,
Philipp
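
An added example, not part of the message above and not code from the Tor Project: a small operator-side audit of the torrc files of every tor instance sharing one IP address, listing what would let a censor identify the host despite ScrambleSuit. It assumes, as the thread does, that only ScrambleSuit resists active probing; the function names and the sample configurations are constructed for illustration.

```python
# Assumption from the thread: only ScrambleSuit resists active probing.
PROBE_RESISTANT = {"scramblesuit"}

def parse_torrc(text):
    """Return (transports, is_bridge, has_orport) for one torrc."""
    transports, is_bridge, has_orport = set(), False, False
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split()  # drop comments, tokenize
        if len(parts) < 2:
            continue
        key, args = parts[0].lower(), parts[1:]  # option names are case-insensitive
        if key == "servertransportplugin":
            transports.update(t.lower() for t in args[0].split(","))
        elif key == "bridgerelay":
            is_bridge = args[0] == "1"
        elif key == "orport":
            has_orport = args[0] != "0"
    return transports, is_bridge, has_orport

def audit_host(torrcs):
    """torrcs maps an instance name to the torrc text of each tor on one IP.

    Returns (instance, reason) pairs that expose the host, but only when some
    instance offers a probe-resistant transport worth protecting."""
    exposures, protected = [], False
    for name, text in sorted(torrcs.items()):
        transports, is_bridge, has_orport = parse_torrc(text)
        protected |= bool(transports & PROBE_RESISTANT)
        for t in sorted(transports - PROBE_RESISTANT):
            exposures.append((name, f"probeable transport {t}"))
        if has_orport and not is_bridge:
            exposures.append((name, "public relay"))
    return exposures if protected else []

# Constructed sample configurations (not from the thread).
MIXED_BRIDGE = """
BridgeRelay 1
ORPort 9001
ServerTransportPlugin obfs3,scramblesuit exec /usr/bin/obfsproxy managed
"""
SCRAMBLESUIT_ONLY = """
BridgeRelay 1
ORPort 9001
ServerTransportPlugin scramblesuit exec /usr/bin/obfsproxy managed
"""
PUBLIC_RELAY = "ORPort 443  # ordinary relay on the same machine\n"

if __name__ == "__main__":
    for item in audit_host({"bridge": MIXED_BRIDGE, "relay": PUBLIC_RELAY}):
        print(item)
```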

