format transforming encryption with regular expressions (FTE)

Meredith L. Patterson mlp at upstandinghackers.com
Mon Jan 27 14:16:02 PST 2014


Hah! I was wondering when someone was going to start throwing parse
tree differentials at regex-based DPI.

Obviously the next step in the arms race is DPI systems that use
correct parsers, but this is hard to do at wire speed. For now,
anyway.

Cheers,
--mlp

On Mon, Jan 27, 2014 at 09:50:02AM -0800, coderman wrote:
> https://kpdyer.com/publications/ccs2013-fte.pdf
>   and
> https://fteproxy.org/about
> """
> Format-Transforming Encryption (FTE) is a novel cryptographic
> primitive that extends traditional encryption... FTE takes a key,
> message and format (a compact set descriptor) as input and outputs a
> ciphertext in the format set. As an example, a format may describe the
> set of valid HTTP messages.
> 
> fteproxy bootstraps FTE to relay arbitrary data streams. In turn, this
> enables fteproxy to use a regular expression that captures an
> uncensored protocol (e.g., HTTP), then employ fteproxy to tunnel a
> censored protocol (e.g., Tor, TLS, SSH, etc.) To the network monitor,
> traffic looks like HTTP, even though it's actually a censored
> protocol.
> """
> 
> 
> git clone https://github.com/kpdyer/fteproxy.git fteproxy-unstable
> cd fteproxy-unstable
> make
> ./bin/fteproxy



More information about the cypherpunks mailing list