×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Tor Tests Undetectably Encrypted Connections In Iran

timothy posted more than 2 years ago | from the great-song-from-flock-of-seagulls dept.

Censorship 157

Sparrowvsrevolution writes "Ahead of the anniversary of Iran's revolution, the country's government has locked down its already-censored Internet, blocking access to many services and in some cases cutting off all encrypted traffic on the Web of the kind used by secure email, social networking and banking sites. In response, the information-freedom-focused Tor Project is testing a new tool it's calling 'obfsproxy,' or obfuscated proxy, which aims to make SSL or TLS traffic appear to be unencrypted traffic like HTTP or instant messaging data. While the tool currently only disguises SSL as the SOCKS protocol, in future versions it will aim to disguise encrypted traffic as any protocol the user chooses. Tor executive director Andrew Lewman says the idea is to 'make your Ferrari look like a Toyota by putting an actual Toyota shell over the Ferrari.'" Reader bonch adds: "A thread on Hacker News provides first-hand accounts as well as workarounds."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

157 comments

Sounds like a tool for P I R A T E S !! (5, Funny)

elrous0 (869638) | more than 2 years ago | (#38997733)

The MPAA has already called in the FBI, CIA, NSA, and a cadre of hired Senators to put a stop to this illegal piracy-facilitating tool--which, if it's not stopped, will cost millions of American jobs and perhaps collapse the entire economy. Our children's futures are at stake here, people!!!

Re:Sounds like a tool for P I R A T E S !! (2)

jcreus (2547928) | more than 2 years ago | (#38997815)

Hmm. Let's take down computers, operating systems, browsers... They also use them!

Re:Sounds like a tool for P I R A T E S !! (1)

timeOday (582209) | more than 2 years ago | (#38997933)

This must involve a huge blowup of the data. I can't imagine how large a movie would be encrypted to look like an innocuous chat session.

Re:Sounds like a tool for P I R A T E S !! (5, Funny)

MightyYar (622222) | more than 2 years ago | (#38998009)

Hi there! 48
All is well in the Islamic Republic! 65
Our glorious leader has won another election! 6c
Praise Allah! 70

Re:Sounds like a tool for P I R A T E S !! (0)

Anonymous Coward | more than 2 years ago | (#38998017)

How about sth like base64, but more human-like on top of everything?

Re:Sounds like a tool for P I R A T E S !! (-1)

Anonymous Coward | more than 2 years ago | (#39000315)

Is it SO FUCKING difficult to type the word SOMETHING you lazy fucking retard??

Re:Sounds like a tool for P I R A T E S !! (4, Insightful)

phrostie (121428) | more than 2 years ago | (#38998005)

Wasn't it the Government that first created it?

from their about page:

"Tor was originally designed, implemented, and deployed as a third-generation onion routing project of the U.S. Naval Research Laboratory. It was originally developed with the U.S. Navy in mind, for the primary purpose of protecting government communications. Today, it is used every day for a wide variety of purposes by normal people, the military, journalists, law enforcement officers, activists, and many others. "

Re:Sounds like a tool for P I R A T E S !! (4, Interesting)

TubeSteak (669689) | more than 2 years ago | (#38998117)

Don't forget that the US State Department is the de-facto sponsor of TOR.
TOR gets most of its funding from groups that get most of their funding from the State Dept.

Re:Sounds like a tool for P I R A T E S !! (1)

Luckyo (1726890) | more than 2 years ago | (#38998471)

Right hand, left hand...

Be afraid of the brain (i.e. money that buys the machine controls) actually realizing what's going on.

Re:Sounds like a tool for P I R A T E S !! (1)

Anthony Mouse (1927662) | more than 2 years ago | (#38999233)

Be afraid of the brain (i.e. money that buys the machine controls) actually realizing what's going on.

That might not be such a bad thing, actually. Think about whose interests the state department is supporting by producing these tools: The US military and defense contractors, the CIA and NSA, oil companies... Remember all that talk about how much bigger the tech industry is than the entertainment industry? Look at the size of the defense and intelligence industry sometime.

Re:Sounds like a tool for P I R A T E S !! (3, Funny)

Luckyo (1726890) | more than 2 years ago | (#38999469)

Then look at their imaginary size (our yearly piracy losses are bigger then world's GDP says report given to congress!), then look at modern economy being about imaginary values rather then real values (stock market, derivatives, futures...).

Then get a big bottle of your favourite alcohol and drown the sorrow.

Re:Sounds like a tool for P I R A T E S !! (3, Insightful)

Jah-Wren Ryel (80510) | more than 2 years ago | (#38998181)

Wasn't it the Government that first created it?

The US government also funded the Taliban (to fight the Russians) and the Israeli goverment funded Hamas (to fight the PLO).

Re:Sounds like a tool for P I R A T E S !! (1, Informative)

Moryath (553296) | more than 2 years ago | (#38998971)

You've got your history partially wrong.

The US government DID fund the Taliban (rather than see the USSR take over Afghanistan). However, the whole "Israel funded Hamas" bullshit is just that, bullshit. Hamas is an offshoot of the Muslim Brotherhood movement, which was Egypt-centered and got (still gets) most of its funding and material through Iranian connections (similar to other MB offshoots such as the Lebanese Hizb'Allah and the current Syrian government).

The reason for this was that Iran has a tendency to fund Twelver Shi'a [wikipedia.org] uprisings and groups in mostly-Sunni countries.

Do a little research next time before parroting bullshit.

Re:Sounds like a tool for P I R A T E S !! (1)

f3rret (1776822) | more than 2 years ago | (#38999289)

Well to be fair Operation Cyclone [wikipedia.org] did not specifically fund the Taliban, they sponsored many of the mujahadeen, including some who went off to become the anti-Taliban Northern Alliance.

Who cares? (0)

Anonymous Coward | more than 2 years ago | (#38999869)

We're waiting for the day Iran drops a nuke on Israel, so the world will be a safer place.

Re:Sounds like a tool for P I R A T E S !! (0)

Anonymous Coward | more than 2 years ago | (#38998373)

The Government also created nukes, that does not mean they want someone but them using them.

Re:Sounds like a tool for P I R A T E S !! (1)

SRM2 (1157311) | more than 2 years ago | (#38998041)

The MPAA in in the business of going after Somalians now?

Re:Sounds like a tool for P I R A T E S !! (1)

Merk42 (1906718) | more than 2 years ago | (#38998159)

Don't forget "Stifle Innovation", the "think of the children" for technology.

The root of the problem (3, Insightful)

hobarrera (2008506) | more than 2 years ago | (#38997765)

While this is a great effort, and I really congratulate the Tor proyect for all that they've done and continue to do, this still is nowhere close to the solution on the real issue here: governments that over and over again limit people's freedom of speech and privacy.

Re:The root of the problem (2, Interesting)

Anonymous Coward | more than 2 years ago | (#38997807)

What do you propose we Western geeks do about the government of Iran?

Re:The root of the problem (4, Funny)

John3 (85454) | more than 2 years ago | (#38997929)

Write code that messes with their technology, perhaps something that might wreak havoc on centrifuges or other industrial machinery?

Re:The root of the problem (4, Insightful)

capnchicken (664317) | more than 2 years ago | (#38997871)

Unfortunately you always have to build things in spite of people, and can never count on altruism because there will always be bad actors, and those bad actors always have the chance of gaining power. It's the human condition, the only thing you can do is route around it. I agree we should address it from many fronts, but technological circumvention, while maybe only alleviating symptoms, seems to be very effective.

Re:The root of the problem (1)

Anonymous Coward | more than 2 years ago | (#38997883)

Do not worry people. Is impossible to stop antiencription.
just imagine the following idea.
You write a tottaly understable text with some easy code. For example. The first letter of each word are a phrase.
Well. you can create extensive false documents (there where papers accepted by academics written by computers, so is not entirely impossible) with this kind of coding (There are a lot of more complex algorithms involving taken only the letters from a formula, etc).
If only some people has the code to break it. Only those people can break it.
there are some examples of encrited books that not even today could be descifred. So... imagination will win the battle here.

Re:The root of the problem (0)

Anonymous Coward | more than 2 years ago | (#38999979)

I dare you to make less sense.

Re:The root of the problem (2)

Anthony Mouse (1927662) | more than 2 years ago | (#38999301)

While this is a great effort, and I really congratulate the Tor proyect for all that they've done and continue to do, this still is nowhere close to the solution on the real issue here: governments that over and over again limit people's freedom of speech and privacy.

That is sort of missing the big picture. Yes, you have to fight governments that oppress and censor... but this is one of the ways you do it. It's a lot easier to convince someone that censorship is wrong if it is, in any event, totally ineffective -- because you take away any possible upside. It no longer becomes a weighing of the benefits of censorship against its costs, because the benefits are destroyed by developing this type of technology. Censorship becomes something that has only costs, and there ceases to be any incentive for a self-interested government to impose it.

Re:The root of the problem (0)

Anonymous Coward | more than 2 years ago | (#39000059)

Unless you're proposing something that's totally creepy and controlling on a global scale (eg: create something that makes people physiologically unable to do "immoral" things) I don't think there's much we can do.

And one man's free speech is another man's violation of privacy.

Disguise encrypted as unencrypted? (4, Funny)

Arancaytar (966377) | more than 2 years ago | (#38997767)

How do you hide something unreadable within something readable? ... damn, you're going to make me RTFA, aren't you? :P

Re:Disguise encrypted as unencrypted? (0)

Anonymous Coward | more than 2 years ago | (#38997853)

maybe too simple too be true but you could send an encrypted blob B inside a readable html page maybe ?

have the img="lovely_pic.jpg" contain a lovely pic with inside it the blob B. As long as you could send a
binary file throughout the protocol, it can contain bytes that are encrypted.

Re:Disguise encrypted as unencrypted? (5, Insightful)

pushing-robot (1037830) | more than 2 years ago | (#38997885)

It's steganography. They've created a strong AI capable of passing as human and conversing intelligently with other copies of itself. Each AI instance develops relationships with others, sharing email and IMs about its loves and hates, passions and dreams, even photos of virtual family and pets. All of which can contain a hidden payload of your private data.

But enough technical mumbo-jumbo. What matters is you'll now be able to surf porn sites without anyone knowing.

Re:Disguise encrypted as unencrypted? (0)

Hatta (162192) | more than 2 years ago | (#38997893)

Easy. Send a payload that has some randomness to it. For example, a JPEG will have mostly random least significant bits. So now you take your encrypted data, which looks like random data, and replace the random LSBs in the JPG with your encrypted data. This is still vulnerable to statistical analysis, because little in nature is truly as random as random data is. But it raises the bar.

Re:Disguise encrypted as unencrypted? (1)

CanHasDIY (1672858) | more than 2 years ago | (#38998007)

This is still vulnerable to statistical analysis, because little in nature is truly as random as random data is.

Uh, I thought it was the other way around, as the "randomness" of the data is determined by the use of non-random algorithms, whereas nature is not dependent on such defined programming.

As an example, compare Rhapsody's "shuffle" setting that only repeats 20 songs from a 500 song playlist over and over, as opposed to closing your eyes and chucking darts at the same list.

Re:Disguise encrypted as unencrypted? (0)

Hatta (162192) | more than 2 years ago | (#38998217)

"shuffle" is not a cryptographically secure algorithm. If your encryption is seeded with sufficiently random data, then the encrypted data will be indistinguishable from random.

Nature is truly random, but there are different types and degrees of randomness. If the noise in the LSB tends to be Brownian and you replace it with white noise, that's going to be detectable.

Re:Disguise encrypted as unencrypted? (2)

KhabaLox (1906148) | more than 2 years ago | (#38999473)

If the noise in the LSB tends to be Brownian and you replace it with white noise, that's going to be detectable

Replacing brown noise with white noise? Sounds pretty racist to me.

Re:Disguise encrypted as unencrypted? (2)

trum4n (982031) | more than 2 years ago | (#38998255)

...as opposed to closing your eyes and chucking darts at the same list.

However, it does extend the operating life of your LCD.

Re:Disguise encrypted as unencrypted? (1)

Culture20 (968837) | more than 2 years ago | (#38999085)

Chucking darts at a wall is incredibly non-random. It's good for a one-time toss, but repeated uses will cluster badly.

Re:Disguise encrypted as unencrypted? (1)

CanHasDIY (1672858) | more than 2 years ago | (#38999337)

closing your eyes and chucking darts at the same list.

Chucking darts at a wall is incredibly non-random. It's good for a one-time toss, but repeated uses will cluster badly.

Looks like you might benefit from this. [abcteach.com]

Re:Disguise encrypted as unencrypted? (1)

Culture20 (968837) | more than 2 years ago | (#38999543)

I'm sorry, but even with eyes closed, you'll tend to throw the same way every time (unless you purposefully throw differently with each toss, then it's still non-random, but psychology has to be taken into account).

Re:Disguise encrypted as unencrypted? (1)

Anonymous Coward | more than 2 years ago | (#38997931)

It's actually pretty easy. I bet you couldn't hIwD5E4YmYgu7EABA/4zkMc2B2jVFcLC2s8SbV4MWdJCb0buQe0eEJX9XuMgNEbG even tell this was a ryyIKnRf2Zg8TvdClV20DsClRXR9GICX2pdhEFWqSJDQuLQX2sC7fVPshoOYkutV secretly encrypted KFyslVdYKQlLq4cwOHCTbIDLPdTFFpSuhIOvgk8yhcQTo2M7VY6xmaNLtYm0/9JE message, hiding in plain AS2LW55DgwHs6waLou78owXYW7vQBkhQLky69gV4htAhwIEqkdzS5w3iE36a9eyZI sight on plain old HTTP in /63GXN745FjoP8hwSZCfffhY0L8= ordinary HTTP traffic with no SSL/TLS at all. =DKJ0 It looks just like normal traffic, doesn't it?

Re:Disguise encrypted as unencrypted? (2)

X0563511 (793323) | more than 2 years ago | (#38997987)

encapsulation.

Here's one way to do it:

Send the SSL data in a standard HTTP stream. Even better, base64 encode the data, so it looks like actual text.

To block this means either blocking HTTP as a whole, or building/buying some expensive stuff that can understand HTTP and do some kind of content analysis on it.

Re:Disguise encrypted as unencrypted? (1)

lgw (121541) | more than 2 years ago | (#38999057)

Well, perhaps the Iranian government can't just buy that sort of deep packet analysis tool off the shelf, but most people can. Detecting steganography is very easy once you know the algorithm used. If they just crammed base64 text into text streams, most ISPs could already flag that, using equipment already in place, with a few minutes work on the regex.

Re:Disguise encrypted as unencrypted? (1)

swb (14022) | more than 2 years ago | (#38999283)

Has anyone done this?

It'd sure be nice to have some kind of an implementation of it built into OpenSSH and a client like Putty, and robust enough to work through a firewall proxy.

I'm sure it belongs as some standalone proxy, but having it integrated would make it easier and less painful to use from a client perspective, although I would imagine it would have to be a pretty simplistic implementation (wrap SSL in HTTP, base64 encoded only) and not delve to far into actual steganography.

In other words, useful for evading very aggressive firewalling and HTTP proxying.

Wouldn't content analysis just be a case of monitoring a stream and looking for the presence of English or local language text over a period of time? Of course, I'm probably grossly overestimating the number of HTTP streams that are used for binary data for applications and never include the kind of human/machine readable English or local language text.

Or doing a file(1) type analysis of the decoded content to see if it matched?

You could probably use a couple of heuristics in combination and then use some kind of "probability" value to tune whether or not you thought it was fishy.

Re:Disguise encrypted as unencrypted? (1)

X0563511 (793323) | more than 2 years ago | (#38999579)

As far as the file style analysis - this wouldn't be possible except at the very beginning of the connection, as the data in the middle looks like garbage.

The beginning though - where certificates are exchanged and handshakes made - this could be picked up on, and if the connection was squashed at this point, it wouldn't be possible to continue.

Re:Disguise encrypted as unencrypted? (0)

Anonymous Coward | more than 2 years ago | (#38998113)

its easier than you think.
just assign every symbol a chain of characters. After that use some algorithm to add those characters into a text
Example @ = imcs (then writte a phrase where the third letter of the word is the relevant)
This is a simple encrited test.

Do the same with the other simbols, and you can write almost everything.

Hope not to end in jail just for teaching easy encription on the web.

As I read the blurb ... (4, Informative)

Ungrounded Lightning (62228) | more than 2 years ago | (#38998213)

How do you hide something unreadable within something readable? ... damn, you're going to make me RTFA, aren't you? :P

As I read the blurb (I have no inside knowledge) they're not making the PAYLOAD look unencrypted. They're circumventing the type-of-flow identification mechanisms built into router filtering by encapsulating the encrypted data within an outer layer (and addressed to the port of) another protocol. (They may even have put a layer on top of the existing service so that, unless it identifies the flow as an encapsulated TOR flow, it actually PERFORMS the service.)

The result would be that, if they intercept the flow and try to parse it as what it purports to be, it may not make sense. But if their router look at the parts of the packets that are characteristic of what the flow purports to be, it will identify it as normal traffic and let it through. And if the router tries doing something like a keyword search through the bodies of the packets it won't get hits because the bodies are encrypted.

You can use this approach with any protocol that can handle the traffic patters of a TOR connection (possibly with added padding packets to make the characteristics look more like the purported flow).

Downsides might be:

1) If you do a masked TOR only server on the port they might try to connect to the purported flow and detect that this server is not what it seems.

2) If you do a diverting pancake you need a way to flag for the pancake that this is the masked TOR flow. If that's well known they might write a filter for it. (Eric Wustrow, Scott Wolchok, Ian Goldberg, and J. Alex Halderman have developed a steganographic method for applying such a tag. It is embedded in their own "TELEX" network-based firewall bypasser but might be adapted to this purpose. paper [telex.cc] a href="https://telex.cc/"code")

Re:Disguise encrypted as unencrypted? (2)

betterunixthanunix (980855) | more than 2 years ago | (#38998233)

Think of it in terms of error correcting codes. You and I agree on a secret linear code, and we then add our codewords to a noisy channel (at the lowest power possible to allow decoding to occur). If the noise power is high enough, then our codewords should be undetectable in the channel; but we can still recover the codewords because we know what error correcting code is being used (it is widely believed that detecting the codewords without knowledge of the code is hard; this is just a restatement of the Learning With Errors problem). Our secret key is a description of the code (which is just a matrix) and we can even turn this into a public key system.

Now, the trick is to determine if the system is still secure when the noise is sampled in some specific way that we cannot control. Is the background noise in a voice chat suitable? What about packet delays (which might be manipulated by your ISP to break the system)? The method described above works fine as a cryptosystem, but there is more work to be done if you want a stegosystem.

Re:Disguise encrypted as unencrypted? (0)

Anonymous Coward | more than 2 years ago | (#38998293)

I really don't get the car analogy.

I mean, if you put both cars through a grinder (encryption) or press (archiving), won't that make the toyota and ferrari the same?

Re:Disguise encrypted as unencrypted? (0)

Anonymous Coward | more than 2 years ago | (#38998941)

The exact opposite of Perl coding.

Seems about right (4, Insightful)

bigredradio (631970) | more than 2 years ago | (#38997821)

The more you tighten your grip, $dictator, the more $locations will slip through your fingers. - $rebel_princess.

Cue the apologists (-1)

Anonymous Coward | more than 2 years ago | (#38997965)

Cue the apologists who storm in to loudly proclaim that "our" government isn't as oppressive as "theirs".

That's irrelevant.

The question isn't whether "their" goverment is more oppressive than "ours". The question is how can we prevent "our" government from becoming more oppressive. How can we fight it? History shows that governments only expand in power and revenue over their lifetimes; therefore common sense tells us that it WILL happen someday.

If they're undetectable... (2)

eternaldoctorwho (2563923) | more than 2 years ago | (#38997823)

...then how do they get tested deterministically? They MUST be undetectable, because the summary headlines are never ever wrong, nor do they exaggerate.

Re:If they're undetectable... (0)

Anonymous Coward | more than 2 years ago | (#38998027)

It's testing *Undetectably*, not it being undetectable. There is a difference where the former is how hard it is to detect while the latter is absolute.

Iraq = blocks most traffic including encrypted. Tor = encrypted so if traffic goes through, it's not detected. Sounds like a good trial test to me. Hardly absolute but definitely real world. The key thing is how long they can stay this way vs iraq figuring ways to detect and block tor.

Automated steganography (2)

niteq (37029) | more than 2 years ago | (#38997951)

It'd be slow, for sure, but encapsulating messages inside of images using steganography libraries should be very feasible as a means of tunneling.

Re:Automated steganography (1)

X0563511 (793323) | more than 2 years ago | (#38998001)

I can see it now.

Analyst A: Wow, this cat photo has gotten VERY popular.
Analyst B: Hey... why do these otherwise identical photos have different checksums?

Re:Automated steganography (0)

Anonymous Coward | more than 2 years ago | (#38998097)

Rather than images, why not use videos?
I have no idea where they will get a ready supply of random useless videos that nobody watches to use as one time pads for stenography.

Re:Automated steganography (1)

gorzek (647352) | more than 2 years ago | (#38999095)

I assume you were referring to YouTube. The problem with YouTube is that any video you upload is going to be transcoded for their storage, so anything you've hidden in the bits of the video is going to be lost or at least seriously corrupted.

not the smartest headline (2, Informative)

v1 (525388) | more than 2 years ago | (#38997971)

Tor Tests Undetectably Encrypted Connections In Iran

"Undetectably encrypted". No. There really is no such thing. "Obfuscated", "disguised", ok I'll take those, but not "undetectably". Makes it sound like it's flat out impossible to figure out the traffic contains encrypted data.

I'm sure cisco and motorola etc will send their people over there this weekend to make upgrades to the censorware they sold them last year. They provide such good customer service to our adversaries when there's a buck to be made. (isn't there a law against this? they push so hard politically in one direction all the while the american businesses drive a dagger in the back of their goals)

Re:not the smartest headline (2)

X0563511 (793323) | more than 2 years ago | (#38998043)

A proper encryption without a header of some kind, and without the key, looks like random noise. You can suspect it's encrypted, but you cannot know for certain (ignoring context. even then, the context only suggests, not proves)

So, pedantically, I suppose it IS possible. But not over in practical land.

Re:not the smartest headline (4, Informative)

betterunixthanunix (980855) | more than 2 years ago | (#38998157)

Over in practical land, you need a noisy channel where the amount of noise is high enough to overpower efforts to detect your hidden signal, but where someone with special knowledge (knowledge of the secret key) can perform run an error correcting code to recover the hidden signal. This is not at all implausible; we already know how to make cryptosystems based on random linear codes; the real work would be ensuring that security is maintained even when you use the channel's naturally occurring noise to hide the signal (which may not be guaranteed).

Re:not the smartest headline (1)

lgw (121541) | more than 2 years ago | (#38999223)

Encryped data will never have the same "profile" as true randomness. Once the attacker knows the algorithm being used, nothing today will stop him from detecting that data is present. But that's not what the TOR team is after - they're trying to make it impractically expensive to perform this sort of detection on all internet traffic with the hardware the attacker already has. That's a much more practical objective. They aren't trying to hide the fact that there's an encrypted payload, they're just removing easy ways to distinguish traccif that might have the payload from normal traffic - such as simply blocking a port, or a protocol.

Re:not the smartest headline (1)

betterunixthanunix (980855) | more than 2 years ago | (#38999365)

Once the attacker knows the algorithm being used, nothing today will stop him from detecting that data is present

Except for time, since we generally want ciphers whose ciphertext is computationally indistinguishable from a uniform random sequence i.e. where no efficient algorithm can distinguish between ciphertext and randomly sampled strings with non-negligible probability, even when the algorithm is publicly known (as long as the secret key is not publicly known). Whether such a thing is actually possible is still an open question, but there are good reasons to think that it is possible.

Re:not the smartest headline (1)

X0563511 (793323) | more than 2 years ago | (#38999479)

Using a one-time-pad type of stream cipher would work, so long as you made sure to send the next pad before you ran out on the existing one. The danger of that though, is if they can grab a pad, they could theoretically decrypt any subsequent data (so long as they didn't "miss" recording the part with the next pad).

Provided the pads are generated in an actually random or near-random manner, then the ciphertext would be indistinguishable from said random/near-random data.

Re:not the smartest headline (1)

betterunixthanunix (980855) | more than 2 years ago | (#38999599)

Why even bring up one time pads? A stream cipher or various stream-cipher-like modes of block ciphers would be sufficient in practice, and in theory we can show that (under certain widely accepted hardness assumptions) you can make a stream cipher with many-message security against computationally bounded adversaries. There is a well-known construction of a secure stream cipher from a one-way function and a hardcore predicate for that function.

Re:not the smartest headline (1)

X0563511 (793323) | more than 2 years ago | (#39000177)

... because people reading this thread may not be subject matter experts, and know all of that?

Re:not the smartest headline (1)

pinfall (2430412) | more than 2 years ago | (#38998071)

At this point we're all fucked anyway. Government's greatest desire is to have keyloggers built into every bios so encryption is made obsolete.

Re:not the smartest headline (2)

betterunixthanunix (980855) | more than 2 years ago | (#38998075)

Makes it sound like it's flat out impossible to figure out the traffic contains encrypted data.

Well, in terms of steganography, we can speak of "strong" or "provably secure" steganography which can guarantee that no process can decide if a hidden message exists in the cover traffic with non-negligible advantage. If you have a low enough SNR, detecting the existence of the signal at all become impossible; the only trick is to ensure that someone with the secret key can still extract that signal.

Re:not the smartest headline (1)

v1 (525388) | more than 2 years ago | (#38998231)

If you have a low enough SNR, detecting the existence of the signal at all become impossible

This usually requires the percentage of secret data to be very small compared to the amount of "plausibly harmless" data it's steno'd into.

So whether or not that is usable depends on the amount of data you want to hide, and what you intend to hide it in. If you want to send a paragraph of text you can probably squeeze that nicely into a tiff from your camera with minimal risk. But if you want to send someone a DVD length video, you'll have a hard time finding an elephant to hide that in.

In theory you're right, but practical application can be a problem.

And even in the above paragraph in a tiff example, if someone is LOOKING for data to be hidden in the image, it vastly improves their odds of finding it. Most stenography is traditionally very hard to recognize but fairly easy to forcefully extract. Once someone knows there's a high probability of data in that tiff, they will just whip out an entropy checker like the article we saw here recently for detecting photoshopping, and that is highly likely to confirm stenography is at work. And with most of these countries, they don't need to read what you put in the tiff, simply getting caught trying to hide something will get you locked up. (and $5 wrenched if they can't get the data out themselves)

Re:not the smartest headline (1)

betterunixthanunix (980855) | more than 2 years ago | (#38998335)

if someone is LOOKING for data to be hidden in the image

There are ways to defend against this; I would start by looking at the Learning With Errors problem, which I suspect could be used for strong steganography systems (it is already being used for cutting edge cryptography).

In theory you're right, but practical application can be a problem.

That is the pattern with the Tor project. In the 90s, a lot of work went into anonymity systems that were resilient to concerted efforts to defeat the anonymity guarantees (mixmaster). Tor took some of these ideas, but had to sacrifice the strong security guarantees to ensure practicality, since high latency is not going to be acceptable for most applications. Strong steganography will probably not be practical, but some ideas from stego theory will wind up being used by Tor.

Re:not the smartest headline (1)

MightyYar (622222) | more than 2 years ago | (#38998137)

Don't be so hasty... Spammers can get past spam filters even when they are tuned to look for every variation of the word P3N1S. :)

Re:not the smartest headline (1)

oGMo (379) | more than 2 years ago | (#38998177)

"Undetectably encrypted". No. There really is no such thing. "Obfuscated", "disguised", ok I'll take those, but not "undetectably". Makes it sound like it's flat out impossible to figure out the traffic contains encrypted data.

Trivially, if you have a regular message that's filled with noise, it's easy to filter. Less trivially, if you have a message that encodes encrypted messages as normal-looking sentences, you might be able to filter it, though the generation of such could get pretty sophisticated. Far less trivially, you could spread the encoded encryption across multiple channels (a few bits in an email, a few bits in an IM, a few bits in an HTTP request). The better the encryption, the less distinguishable from purely random data it is. Then you have to detect close-to-random data encoded randomly across streams of other-random-data.

It may be doable, but it's an arms race. The steganographers just have to change their schemes every now and then, which doesn't take much. The people doing the detection are eventually going to have to spend all resources on doing so. Who's to tell the few bits of the digital photo someone took combined with a few words in an IM and a URL someone visited resulted in passing a message or receiving one?

Of course, once you have the opposition doing nothing but trying to find hidden messages in every bit of information around them, you've won.

hah! (1)

Sebastopol (189276) | more than 2 years ago | (#38998011)

in the technological arms race, this is pretty damn cool idea.

/munches popcorn and waits to see countermeasures/

Lousy OPSEC (1)

ve3oat (884827) | more than 2 years ago | (#38998031)

Wow! Why are they even talking about this?? Do they want the enemy to discover their method before this new weapon has even been fired in anger? Folks at Tor need to take and pass the OPSEC 100 course again.

Re:Lousy OPSEC (1)

softwareGuy1024 (2564569) | more than 2 years ago | (#38998153)

Secrecy and open source don't mix. Also, RTFA, they are looking for people to host the proxy servers.

Re:Lousy OPSEC (0)

Anonymous Coward | more than 2 years ago | (#38999201)

But couldn't the folks at Tor have asked more discreetly for hosters of the proxy servers?

I doubt the Iranian government had thought to look for such an obfuscation but after all of this publicity at least they know where they have to start, even if it takes them some while to develop the necessary detection techniques. Whatever you might think of the Iranian gov't, they aren't exactly stupid.

ferrari as toyota (-1)

Anonymous Coward | more than 2 years ago | (#38998049)

I've often wondered why nobody ever nicks the body and VIN of an economy car to reduce theft risk and insurance costs of a sports car

Re:ferrari as toyota (1)

couchslug (175151) | more than 2 years ago | (#38998995)

"I've often wondered why nobody ever nicks the body and VIN of an economy car to reduce theft risk and insurance costs of a sports car"

Because they hot rod the economy car to get a sufficiently similar performance result.

That's been done for almost one hundred years, and "Gow jobs" (for example) were being built before (possibly all) Slashdot posters were born.

Obfsproxy? Really? (0)

owenferguson (521762) | more than 2 years ago | (#38998101)

No need to make the name of the protocol itself an obfuscation. How the hell am I supposed to pronounce the consonant group "bfspr"?

Re:Obfsproxy? Really? (0)

Anonymous Coward | more than 2 years ago | (#38999843)

Biff-Spur

Iran's government is afraid, and thereby stupid (4, Interesting)

cryfreedomlove (929828) | more than 2 years ago | (#38998105)

This arms race of censorship and counter measures will have one definitive outcome: the best and the brightest of Iranian youth will find a way to emigrate because they don't want to live in an isolated theocracy. The resulting brain drain will set them back a century. This is what happens to governments driven by fear. Those in power in Iran fear their own people the most.

Re:Iran's government is afraid, and thereby stupid (3, Informative)

Animats (122034) | more than 2 years ago | (#38998151)

the best and the brightest of Iranian youth will find a way to emigrate because they don't want to live in an isolated theocracy.

They already did, decades ago. When the US-supported Shah of Iran was overthrown, many Iranians came to the US.

Re:Iran's government is afraid, and thereby stupid (3, Informative)

glop (181086) | more than 2 years ago | (#38998417)

Actually when the Shah was overthrown, most of the brightest people in Iran celebrated. That's because he was a really bad dictator and the only reason most people in the West are not aware of it is because he was very pro-American and very friendly with most western countries.
The problem with revolutions is that it's hard to stabilize things afterwards. And there is no guarantee that the nice and respectful people will take over to draft a Constitution that grants freedom for the people. That's when many of the brightest in Iran got really disappointed and the religious extremists took the power.

You can read the account of one of those brightest people who left Iran years later: http://en.wikipedia.org/wiki/Marjane_Satrapi
Marjane's account seemed pretty fair and balanced to me (based on the differences with the cliches I had heard, what I know about the publishers, the variety of the anecdotes and their "true to life" aspect).

Re:Iran's government is afraid, and thereby stupid (1)

sohmc (595388) | more than 2 years ago | (#38998553)

Isn't this a good thing though? "The People should not fear its government. The government to should fear its the People."

I guess the only thing missing is the revolution to actually throw the government out of the country.

This must be useful in China. (0)

Anonymous Coward | more than 2 years ago | (#38998415)

(Look at the previous news on Slashdot about Tor and China.)

Learn from others (1)

feddas (1979736) | more than 2 years ago | (#38998455)

So Iran is moving towards a DarkNet called Tor. I wonder if ACTA, SOPA, or PIPA would cause a similar reaction in the countries they're enforced upon.

Improvement... (-1)

Anonymous Coward | more than 2 years ago | (#38998465)

> Tor executive director Andrew Lewman says the idea is to 'make your Ferrari look like a Toyota by putting an actual Toyota shell over the Ferrari.'"

Not a bad idea! The Ferrari might go even faster!

Re:Improvement... (0)

Anonymous Coward | more than 2 years ago | (#38999873)

-1? Because of a joke? Or is the joke not funny at all?

A real test (0)

Anonymous Coward | more than 2 years ago | (#38998727)

Use it to leak secrets embarassing to US politicians.

If the censor can't see it, it will get blocked. (3, Interesting)

davidwr (791652) | more than 2 years ago | (#38998819)

"If we can't parse it, it gets blocked."

In the old days, Cuban international phone calls were monitored. At least one person started talking a language other than English or Spanish and the operator broke in and told them to speak English or Spanish or get cut off.

Source: Something I read in a reputable newspaper or magazine back in the 1970s or 1980s.

Cool sounds like IP steganography (1)

hesaigo999ca (786966) | more than 2 years ago | (#38999547)

IP steganography makes it all the cooler, while still keeping a sort of logic about it that is very high level.
I hope you all understand this will change things forever...

Point-to-point and ad-hoc mesh networks (1)

Phoenix666 (184391) | more than 2 years ago | (#39000341)

This topic is important to more than just Iranians. The events of the Arab Spring and developments across Europe, Asia, and America indicate we average folks are going to need a truly free means of communicating soon if not now. It has to be impossible for governments or corporations to blackout communications anywhere, so that their misdeeds cannot go unwitnessed.

I know that separate projects exist to tackle this problem in different ways. B.A.T.M.A.N.'s ad hoc network protocol is one. Point-to-point information transfer via laser is another. Balloon-born "satellites" is another. I also read recently that the Zetas gang in Mexico had built their own separate cellular network.

How can we hoi poloi implement these redundant networks at low- to no-cost, with maximum ease of use so that censorship will become impossible?

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...