

 Protocol Misidentification Made Easy with Format-Transforming Encryption - dfc
https://github.com/redjack/FTE

======
yew
What looks like a related paper can be found here:
[http://eprint.iacr.org/2012/494.pdf](http://eprint.iacr.org/2012/494.pdf)

(I don't see this linked in the repo.)

~~~
dfc
More context from the tor-dev announcement. Not sure why they don't have the
paper in the repo:

 _The latest version of our paper is available on the Cryptology ePrint
Archive [4]. In the paper we describe our framework and provide a
comprehensive security evaluation of FTE's success in evading six DPI systems
--- including using regular expressions from open-source DPI systems to evade
detection by a closed-source black-box commercial DPI system. By "evade" we
mean that it's easy for FTE to tunnel arbitrary TCP streams (e.g., Tor) such
that they are (mis)classified by DPI systems as a configurable target protocol
(e.g., HTTP, SMB, RTSP, etc.) of one's choosing.

We release FTE in its alpha stage because we believe it is well positioned to
evade the suspected protocol white-listing [5] recently reported in Iran. More
generally, we're optimistic FTE has long-term potential as a tool to enable
users to control how their traffic is classified by passive DPI systems. As
one example, over the last month, we've successfully tunneled Tor through the
Great Firewall of China, using FTE to make our traffic "look like" HTTP.

We're eager for feedback on this alpha release, so please do not hesitate to
contact us with questions.

-Kevin P Dyer (and his co-authors)

[4] [http://eprint.iacr.org/2012/494](http://eprint.iacr.org/2012/494)

[5] [https://lists.torproject.org/pipermail/tor-dev/2013-May/004787.html](https://lists.torproject.org/pipermail/tor-dev/2013-May/004787.html) _

