#tor-dev log

16:00:53 <Yawning> #startmeeting
16:00:53 <MeetBot> Meeting started Wed Dec 17 16:00:53 2014 UTC.  The chair is Yawning. Information about MeetBot at http://wiki.debian.org/MeetBot.
16:00:53 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
16:01:02 <Yawning> Ah there.  So who here is for the pt meeting?
16:01:12 <Yawning> Besides blanu, dcf, and myself?
16:01:15 <mjuarezm> <- Hi there
16:01:29 <Yawning> oh hi!
16:01:38 <Yawning> Anyway I'll go first I guess
16:01:57 <Yawning> I've been kind of sick with the flu, but I unleashed basket onto the world
16:02:10 <blanu> What is basket?
16:02:13 <Yawning> http://github.com/yawning/basket
16:02:18 <dcf1> https://lists.torproject.org/pipermail/tor-dev/2014-December/007977.html
16:02:34 <Yawning> It's "Yawning wanted to learn about PQ crypto and anti-web fingerprinting defenses"
16:02:48 <mjuarezm> hahah
16:02:53 <Yawning> it ties into mjuarezm's gsoc project and current research
16:03:08 <Yawning> so it has a PQ cryptographic handshake and a CS-BuFLO implementation
16:03:17 <Yawning> in PT form
16:03:24 <Yawning> it's a research prototype more than anything else
16:03:47 <Yawning> (because it has a ~6x overhead if you're lucky)
16:03:49 <blanu> Interesting.
16:04:24 <mjuarezm> Yawning: do you know what would be the overhead incurred by the original design?
16:04:31 <Yawning> 3x
16:04:37 <Yawning> because they have the app hinting
16:04:46 <Yawning> so they stoppadding early
16:04:52 <Yawning> *stop pading
16:05:08 <Yawning> also I think they use payload padding which is a weaker defense but is more bandwidth efficient
16:05:21 <mjuarezm> so the IDLE_TIME trick is not enough, right?
16:05:34 <Yawning> well, it works, it just sends more cover than it needs to
16:05:52 <Yawning> since it looks at the server response going idle
16:06:02 <mjuarezm> yes, I'm afraid this trick would not work so well in multitab scenarios...
16:06:14 <Yawning> *nods*
16:06:33 <Yawning> more research needed
16:07:01 <Yawning> 'coruse if the user is doing tons of web stuff using 3 billion tabs, a lot of the data sent wil be payload instead of cover
16:07:07 <Yawning> we can talk about it offline
16:07:19 <mjuarezm> yes, okay, sorry
16:07:27 <Yawning> so unless this explodes in my face, I will be working on my pt eval etc
16:07:32 <dcf1> Actually I think Firefox has trouble with more than 2^31 tabs.
16:07:35 <Yawning> and I need to fix the obfs4proxy build
16:07:45 <Yawning> since the go developers moved go.crypto
16:07:56 <dcf1> Oh right, it moved to GitHub, correct
16:07:58 <dcf1> ?
16:08:02 <Yawning> golang.org
16:08:15 <Yawning> golang.org/x/crypto
16:08:29 <blanu> Is there any movement on building obfs4proxy with Orbot?
16:08:32 <Yawning> so the old import will break in interesting ways
16:08:42 <Yawning> that'd be a n8fr8 question
16:08:58 <blanu> n8fr8: ?
16:09:18 <Yawning> in the mean time go.crypto 231:7ad4bae3f467 works
16:09:28 <Yawning> so just use hg to checkout that revision
16:09:35 <Yawning> it's right before they moved the repo
16:09:51 <Yawning> that's it for me I think, unless peopl ehave questions for me ^_^
16:11:33 <blanu> Who is next? dcf1?
16:11:46 <dcf1> I got nothing to say today.
16:12:22 <n8fr8> oh hey, sorry, I still have this meeting in my calendar at the wrong time
16:13:03 <Yawning> (I'll also steal ideas from basket if I ever do obfs5)
16:13:10 <blanu> n8fr8: Any progress on building obfs4proxy as part of Orbot? Or anything else to report?
16:13:30 <dcf1> obf5proxy
16:13:36 <dcf1> obf5pr0xy
16:13:51 <n8fr8> I haven't made much progress in last two weeks, but soon will push some more updates here: https://github.com/guardianproject/pluto
16:14:25 <n8fr8> obfs4 is building, so next step is to try to include it in Orbot
16:14:58 <blanu> I had a pluto question actually. What language is pluto going to be in?
16:15:18 <Yawning> java?
16:15:32 <n8fr8> yes
16:15:55 <n8fr8> at some point, it could be all written in Go with JNI bindings
16:15:57 <n8fr8> but not yet
16:16:15 <n8fr8> mostly it is concerned with unpacking the Go binaries and managing their executation/state
16:16:58 <blanu> Oh I see. So it will be in Java, but the PT code will be in Go. Good to know.
16:17:14 <n8fr8> yes i am not writing PT's just packaging them
16:18:21 <blanu> Sounds good.
16:18:44 <dcf1> Mobile is an interesting case for meek's polling behavior
16:18:54 <dcf1> because I know on mobile there are battery and data plan concerns.
16:19:08 <dcf1> We can experiment with some changes if necessary.
16:19:17 <dcf1> Just an aside, please continue.
16:21:15 <n8fr8> tx dcf1
16:23:20 <blanu> I can go next if there are no other updates.
16:23:46 <dcf1> Go blanu.
16:25:06 <Yawning> go for it
16:25:12 <blanu> So we have been valiantly working on Haskell cross-compiling for Android. We got it 90% working. The remaining 10% is Template Haskell, which is kind of like the Haskell version of the C preprocessor. Unfortunately, TH does not cross-compile and won't until GHC 7.10.
16:25:33 <blanu> We can eliminate all TH dependency in our code, but many libraries use it as well.
16:26:05 <blanu> So it seems like Haskell on Android is not a practical reality for this project.
16:26:15 <Yawning> hmm
16:26:25 <Yawning> how complicated is the dust protocol on the wire?
16:26:31 <blanu> Therefore we are going to have to do some stuff in Go.
16:26:45 <Yawning> if you need help with that I can assist as needed
16:27:09 <blanu> The wire protocol is not particularly complex. The complex part of Dust is the statistical modeling.
16:27:16 <Yawning> ahh
16:27:43 <blanu> So what we're thinking is getting the core of what makes Dust interesting into something that can cross-compile and then do all the network and crypto stuff in Go.
16:28:05 <Yawning> *nods*
16:28:15 <blanu> We might make the core TH-free or we might write something to automatically translate it to Go.
16:28:38 <blanu> Also as part of this we're boiling down the stuff core into a simple API which any PT could use if it wants to incorporate statistical modeling.
16:28:46 <blanu> stuff=Dust
16:29:23 <blanu> So it should be interesting. One question remaining from last time is if we should target obfs4proxy or goptlib. This seemed like a Yawning question.
16:30:01 <dcf1> Yeah good point.
16:30:06 <dcf1> Last time, blanu said he was aiming to integrate Dust into obfs4proxy, and I asked,
16:30:27 <dcf1> are you using the obfs4proxy infrastructure or do you just need the goptlib glue layer?
16:30:36 <Yawning> either is simple, less boilerplate if you target obfs4proxy I think
16:30:47 <Yawning> but not massively less
16:31:33 <dcf1> One thing blanu was concerned about is whether he could get e.g. timer callbacks and send padding even without client data being pushed.
16:31:42 <Yawning> yes
16:32:03 <dcf1> I guess obfs4 needs that anyway.
16:32:11 <blanu> Okay great, well the way forward is decided then.
16:32:16 <Yawning> no, but I did it in basket
16:32:20 <dcf1> So there you go. I guess try whichever sounds easier.
16:32:27 <Yawning> (which doesn't use obfs4proxy, but how you do it is the same)
16:33:03 <Yawning> cs-bufly schedules it's own writes as part of the defense
16:33:10 <Yawning> so I use a channel + goroutine for that
16:33:39 <Yawning> I can help with this sort of thing, just poke me with questions
16:33:43 <Yawning> or tell me what needs to be done
16:33:57 <Yawning> (both with my framework code and without)
16:33:59 <blanu> I think we should be able to reuse some obfs4 stuff such as the Elligator implementation which we were going to need to do in Haskell. So I think this is a sensible way forward despite the challenge of rewriting stuff in Go which we already had written.
16:34:27 <Yawning> obfs4proxy also has a ntor implementation as well
16:34:41 <blanu> Yawning: Thank you! I'll keep you updated when we get further along. We just came up with this plan yesterday, so we're still sorting out the details.
16:34:45 <Yawning> since obfs4 iselligatored ntor
16:35:23 <blanu> Ah yes we can probably use that too, although the Dust ntor is slightly modified. Should be easy to do though.
16:35:24 <Yawning> (the part that does the write scheduling is the most complicated part of basket, now that I think about it)
16:35:54 <Yawning> (well apart from my sphincs and ntru code)
16:36:11 <dcf1> Most complicated except for the complicated parts.
16:36:36 <Yawning> it's all p complicated
16:36:55 <dcf1> I thought of one other quick thing to discuss.
16:37:01 <blanu> Well that's it for me. Hopefully a lot more actual progress next time.
16:37:03 <Yawning> shoot
16:37:07 <Yawning> oh
16:37:14 <dcf1> We should have OONI instrumentation of the default obfs4 bridges before TB 4.5 is released.
16:37:17 <dcf1> https://lists.torproject.org/pipermail/tor-dev/2014-December/007975.html
16:37:17 <Yawning> next meeting falls on the 31st
16:37:22 <dcf1> https://trac.torproject.org/projects/tor/ticket/13597
16:37:23 <Yawning> aka jan 1st for me
16:37:32 <Yawning> I ain't gonna be soberor online probably
16:37:37 <Yawning> are people ok with defering that?
16:37:52 <dcf1> Sounds fine.
16:38:06 <dcf1> Some PT people gonna be in person at CCC anyhow.
16:38:33 <dcf1> hellais says we just have to make some small changes to ooniprobe.
16:38:48 <dcf1> Anyway, I might do this if I find time.
16:38:54 <Yawning> ok
16:38:55 <nickm> dgoulet: looking at your hs-lttng-025 branch with rob now
16:39:12 <nickm> any reason it adds -O0?  Was that intentional?
16:39:13 <dgoulet> nickm: cool, I'm currently writing doc for all this
16:39:26 <dgoulet> nickm: oh no! I might have forgot about it to debug stuff :S
16:39:32 <Yawning> use -Og
16:39:34 <Yawning> >.>
16:39:56 <nickm> it breaks hardening :)
16:40:03 <Yawning> oh
16:40:06 <Yawning> sadpanda
16:40:26 <Yawning> ok, real quick, any other pressing pt things?
16:40:31 <Yawning> mjuarezm?
16:42:17 <Yawning> (if not, I shall baf the meeting)
16:43:05 <Yawning> *crickets* *tumbleweed*
16:43:44 <Yawning> #endmeeting *baf*