VMess Proposal AEAD Based Packet Length #940
Conversation
|
稍等,还有其它一些问题,另外不建议继续 breaking, |
|
Currently, VMess protocol will send an empty packet to signal the graceful shutdown of the tunnel, this is used to support connection reuse, which do not exist anymore. This signal is removed to prevent traffic length analysis. 感谢 @RPRX 提供的问题报告。 |
|
Currently, the vmess and shadowsocks client do not use the drain behavior on read. This means the message boundary information is not hidden. This can leak the identification information about the the protocol. 感谢 @RPRX 提供的问题报告。 Update: 感谢 @RPRX 提供的问题报告。 |
|
The Previous VMess Packet Design:
The Purposed VMess Packet Design:
Masked Length is Length XOR with a procedurally generated masked value, which is malleable. |
|
OK,目前问题一二三均已解决,我吃完饭看下代码,之后还需要一个全局 error->drain |
|
a generic fail then drain may have performance implication and is therefore not purposed as a part of this PR. |
This comment has been minimized.
This comment has been minimized.
|
@RPRX 你想不想先发呢, 如果你能2天内发布的话我可以等你一下。 |
Currently, the Packet Length of VMess is masked but unauthenticated. This is not currently being used for attacking VMess based proxy, but could make it harder to diagnose issues in the other part of the project.
The design of the new AEAD Based Packet Length:
The previous Shake based packet length is replaced with:
Shadowsockets AEAD like AEAD Encrypted Length, with the key derived from traffic encryption key. The nonce for the AEAD Encrypted Length is same with the data key.
感谢 @RPRX 提供的问题报告。