#tor-dev log

16:00:54 <Yawning> #startmeeting
16:00:54 <MeetBot> Meeting started Wed Jan 14 16:00:54 2015 UTC.  The chair is Yawning. Information about MeetBot at http://wiki.debian.org/MeetBot.
16:00:54 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
16:01:12 <Yawning> yay, who else apart from blanu is here?
16:01:46 <dcf11> me
16:01:51 <Yawning> hi
16:02:21 <Yawning> I guess I'll go first
16:02:51 <Yawning> poked at tentp a lot, going to spend the next bit catching up on e-mail/paperwork/everything else I should be doing
16:03:22 <Yawning> (tentp has a really draft handshake spec now as well, though it needs a lot of refinement)
16:04:18 <Yawning> dcf11: I can ignroe the random pull rquest someone sent me for my goptlib repo right?
16:04:50 <Yawning> so uh, people tat are interested in stuff like tentp should look over the handshake spec and tell me if it sucks
16:04:55 <dcf11> Yes, it is from Psiphon and it's about #14135.
16:05:00 <Yawning> ok
16:05:47 <Yawning> (https://github.com/nmathewson/tentp-draft/blob/master/spec/handshake.txt)
16:05:51 <Yawning> nb: really draft
16:06:31 <Yawning> next! >.>
16:06:59 <dcf11> I don't have too much.
16:07:34 <dcf11> Good news is that arthuredelstein fixed meek in the 4.5-alpha series (it is broken in alpha-1 and alpha-2).
16:07:37 <dcf11> https://trac.torproject.org/projects/tor/ticket/13788
16:07:43 <Yawning> oh cool
16:07:46 <dcf11> It's not completely merged yet though.
16:08:19 <dcf11> I sent a couple of long emails:
16:08:30 <dcf11> Costs for December: https://lists.torproject.org/pipermail/tor-dev/2015-January/008082.html
16:08:40 <dcf11> How to change the front domain: https://lists.torproject.org/pipermail/tor-talk/2015-January/036410.html
16:09:31 <dcf11> And I closed #12778, which reduces the meek HTTP header size and saves nonnegligible bandwidth.
16:09:40 <dcf11> That's all I got.
16:09:54 <Yawning> \o/
16:10:03 <blanu> Okay then next is me I guess!
16:10:43 <Yawning> go for it
16:10:55 <blanu> Much has happened since the last meeting. First of all, we ported Dust to Go. More specifically, we wrote source-to-source compiler which takes Dust models and generates a Go library from those.
16:11:05 <Yawning> spiffy!
16:11:09 <blanu> This way we can more easily hit other targets like Javascript later if we want.
16:11:26 <blanu> That's just for the stats models. We are now porting the protocol stuff like the handshake.
16:11:40 <blanu> Fortunately Go has all the crypto we need already.
16:12:07 <blanu> So right now we are working on a simple proof-of-concept TCP forwarder. When that works we'll start on the obfs4proxy integration.
16:12:12 <Yawning> yeah, I need to change the imports to golang.og/x/crypto for obfs4proxy, haven't gotten aroudn to it yet
16:12:15 <Yawning> makes sense
16:12:32 <Yawning> the glue once you have a proof of concept should be dead easy
16:13:14 <blanu> In other news, I have stopped working on Adversary Lab and forked an AdversaryLab-offline codebase. I was having trouble with the performance of the App Engine datastore and I ran out of free credits.
16:13:26 <blanu> So now I'm building Dust models locally with files and it's way faster.
16:13:48 <blanu> I have HTTP and HTTPS models complete and we're using them to test the proof-of-concept proxy.
16:14:09 <blanu> I hope to get back to working on Adversary Lab as an online service in the summer.
16:14:25 <blanu> So that's it, lots of progress, but still a long way to go.
16:14:44 <dcf11> https://github.com/blanu/AdversaryLab-offline
16:15:03 <blanu> That's it! Mostly the same code but without the web frontend.
16:15:28 <blanu> It's not documented at all yet unfortunately. It's been a mad dash to get that done as I didn't have any time in the budget for it.
16:16:01 <blanu> On the bright side, I can parse all of my pcap data in about 6 minutes now instead of 3 hours.
16:16:10 <blanu> I have an SSD, which helps.
16:16:21 <dcf11> Wow.
16:16:22 <philbel> Hi
16:16:37 <dcf11> Yeah, I suppose somethign that takes 3 hours is not so suited to App Engine.
16:17:06 <dcf11> PT people: did you hear about this: https://github.com/trevp/noise/wiki
16:17:14 <blanu> Well I'm not so sure why it is so slow on App Engine. I think I am misusing their database somehow. The supposed advantage of App Engine is parallelism.
16:17:25 <luketheduke> [A
16:17:37 <Yawning> dcf11: no
16:17:38 <dcf11> It reminded me, blanu, of what you proposed at that Seattle meeting, a protocol giving some of the properties of TLS but without the plaintext parts.
16:17:39 <Yawning> what is it
16:17:51 <dcf11> All I know is what's on the wiki.
16:18:22 <blanu> I've looked at it, but there is no code.
16:18:41 <dcf11> I didn't see code either.
16:19:46 <Yawning> looks kind of similar to what nickm and I came up with for the record format
16:19:56 <blanu> The Seattle protocol, as I call the thing we whiteboarded in Seattle, is what Dust uses now and is detailed in the current Dust spec.
16:20:07 <dcf11> oic
16:20:26 <Yawning> for our tentp thing
16:21:59 <blanu> Hey weird, the noise repo has no code, but it has issues discussing code.
16:22:13 <Yawning> maybe it's private
16:22:27 <blanu> Oh maybe the issues refer to the wiki.
16:22:47 <dcf11> Hmm, I have to confess that I don't know what tentp is.
16:23:07 <dcf11> I am looking at the draft repo.
16:23:39 <Yawning> kind of a tls replacement
16:23:52 <Yawning> that does what tor needs and not much more
16:24:06 <blanu> Oh wait I know that guy. I will just email him. :-)
16:24:06 <Yawning> optionally with obfs4-ish features
16:25:34 <dcf11> https://github.com/blanu/Dust/blob/master/docs/DustSpecification.pdf
16:25:37 <Yawning> (so basically obfs4 but better designed and can be used instead of tls in tor)
16:25:50 <Yawning> since we're just chatting now, I assume I can stop meetbot
16:26:25 <blanu> Turns out I had a whole email conversation about noise in 2013, in which trevp said, " Ntor is a 'double Diffie-Hellman' that doesn't
16:26:25 <blanu> authenticate the client, we were throwing in a 3rd Diffie-Hellman for
16:26:25 <blanu> mutual auth."
16:26:30 <dcf11> Dust spec with Seattle Protocol info.
16:26:32 <dcf11> Sure, I think we're done.
16:26:45 <Yawning> #endmeeting