webwml/docs/en/pluggable-transports.wml

## translation metadata
# Revision: $Revision$
# Translation-Priority: 3-low

#include "head.wmi" TITLE="Tor Project: Pluggable Transports" CHARSET="UTF-8"
<div id="content" class="clearfix">
  <div id="breadcrumbs">
    <a href="<page index>">Home &raquo; </a>
    <a href="<page docs/documentation>">Documentation &raquo; </a>
    <a href="<page docs/pluggable-transports>">Pluggable Transports</a>
  </div>
  <div id="maincol">
    <h2>Tor: Pluggable Transports</h2>
    <hr>

    <p>
    An increasing number of censoring countries are using Deep Packet
    Inspection (DPI) to classify Internet traffic flows by protocol.
    While Tor uses <a href="<page docs/bridges>">bridge relays</a> to
    get around a censor that blocks by IP address, the censor can use
    DPI to recognize and filter Tor traffic flows even when they connect
    to unexpected IP addresses.
    </p>

    <p>
    Pluggable transports transform the Tor traffic flow between the client
    and the bridge. This way, censors who monitor traffic between the
    client and the bridge will see innocent-looking transformed traffic
    instead of the actual Tor traffic.
    External programs can talk to Tor clients and Tor bridges using the <a
href="https://gitweb.torproject.org/torspec.git/blob/HEAD:/pt-spec.txt">pluggable
transport API</a>, to make it easier to build interoperable programs.
    </p>

    <hr>

    <ul>

    <li><a href="<page projects/obfsproxy>"><b>Obfsproxy</b></a> is a Python framework for implementing new
    pluggable transports. It uses Twisted for its networking needs, and
    <a href="https://gitweb.torproject.org/pluggable-transports/pyptlib.git/blob/HEAD:/README.rst">pyptlib</a>
    for some pluggable transport-related features. It supports the
    <a href="https://gitweb.torproject.org/pluggable-transports/obfsproxy.git/blob/HEAD:/doc/obfs2/obfs2-protocol-spec.txt">obfs2</a>
    and
    <a href="https://gitweb.torproject.org/pluggable-transports/obfsproxy.git/blob/HEAD:/doc/obfs3/obfs3-protocol-spec.txt">obfs3</a>
    pluggable transports. Maintained by asn. <br>
    Status: <a href="#download">Deployed</a>
    </li>

    <li><a href="https://crypto.stanford.edu/flashproxy/"><b>Flashproxy</b></a> turns ordinary web browsers into bridges using
    websockets, and has a little python stub to hook Tor clients to the
    websocket connection. See its
    <a href="https://gitweb.torproject.org/flashproxy.git">git repository</a>,
    and
    <a href="https://crypto.stanford.edu/flashproxy/flashproxy.pdf">design paper</a>.
    Maintained by David Fifield.
    # <iframe src="//crypto.stanford.edu/flashproxy/embed.html" width="80" height="15" frameborder="0" scrolling="no"></iframe>
    <br>
    Status: <a href="#download">Deployed</a>
    </li>

    <li><a href="https://fteproxy.org/"><b>Format-Transforming
    Encryption</b></a> (FTE) transforms Tor traffic to arbitrary
    formats using their language descriptions. See the <a
    href="https://kpdyer.com/publications/ccs2013-fte.pdf">research
    paper</a>. <br> Status: <a href="#download">Deployed</a> </li>

    <li><a href="http://www.cs.kau.se/philwint/scramblesuit/"><b>ScrambleSuit</b></a>
    is a pluggable transport that protects
    against follow-up probing attacks and is also capable of changing
    its network fingerprint (packet length distribution,
    inter-arrival times, etc.). It's part of the Obfsproxy framework.
    Maintained by Philipp Winter. <br>
    Status: <em>To be deployed</em>
    </li>

    <li><b>Meek</b> is a transport that uses HTTP for carrying bytes
    and TLS for obfuscation. Traffic is relayed through a third-party
    server (​Google App Engine). It uses a trick to talk to the third
    party so that it looks like it is talking to an unblocked server.
    Maintained by David Fifield. <br>
    Status: <e>Coming soon</em>
    </li>

    <li><b>StegoTorus</b> is an Obfsproxy fork that extends it to a)
    split Tor streams across multiple connections to avoid packet size
    signatures, and b) embed the traffic flows in traces that look like
    html, javascript, or pdf. See its
    <a href="https://gitweb.torproject.org/stegotorus.git">git repository</a>.
    Maintained by Zack Weinberg. <br>
    Status: <em>Undeployed</em>
    </li>

    <li><b>SkypeMorph</b> transforms Tor traffic flows so they look like
    Skype Video. See its
    <a href="http://crysp.uwaterloo.ca/software/SkypeMorph-0.5.1.tar.gz">source code</a>
    and
    <a href="http://cacr.uwaterloo.ca/techreports/2012/cacr2012-08.pdf">design paper</a>.
    Maintained by Ian Goldberg. <br>
    Status: <em>Undeployed</em>
    </li>

    <li><b>Dust</b> aims to provide a packet-based (rather than
    connection-based) DPI-resistant protocol. See its
    <a href="https://github.com/blanu/Dust">git repository</a>.
    Maintained by Brandon Wiley. <br>
    Status: <em>Undeployed</em>
    </li>

    </ul>

    <p> Also see the <emph>unofficial</emph> pluggable transports <a
    href="https://trac.torproject.org/projects/tor/wiki/doc/PluggableTransports">wiki
    page</a> for more pluggable transport information.</p>

    <hr>

    <p>
    Our goal is to have a wide variety of pluggable transport designs.
    Many are at the research phase now, so it's a perfect time to play
    with them or suggest new designs. Please let us know if you find or
    start other projects that could be useful for making Tor's traffic
    flows more DPI-resistant!
    </p>

    <hr>
    <a id="download"></a>
    <h2><a href="<page download/download-easy>">Download the Pluggable Transports Tor Browser Bundle</a></h2>
    <p>
    As of Tor Browser 3.6-beta-1, pluggable transports are now included in the
<a href="<page download/download-easy>">official
Tor Browser packages</a>.
    </p>

  </div>
  <!-- END MAINCOL -->
  <div id = "sidecol">
#include "side.wmi"
#include "info.wmi"
  </div>
  <!-- END SIDECOL -->
</div>
<!-- END CONTENT -->
#include <foot.wmi>