Piyush Kumar Sharma
2018-10-12 11:40:42 UTC
Hello all,
I have some confusion regarding the characterization of Tor traffic using
DPI.
I was following the link (
https://trac.torproject.org/projects/tor/wiki/org/projects/Tor/TLSHistory )
and understood that Tor did TLS renogotiation at some point and then
discontinued doing it.
As an improvement there are basically two handshakes that are done.
(i) "outer handshake" which is made to look as real as possible.
(ii) "inner handshake" which is actually used to authenticate and exchange
"real" certificates.
I am just not able to understand as to why we need two handshakes, also why
do we need "real" and "fake" certificates.
Or if i am missing something, can someone point me to the right resources
where i can get the current tor TLS implementation details.
Regards
Piyush
PhD CSE
IIITD
I have some confusion regarding the characterization of Tor traffic using
DPI.
I was following the link (
https://trac.torproject.org/projects/tor/wiki/org/projects/Tor/TLSHistory )
and understood that Tor did TLS renogotiation at some point and then
discontinued doing it.
As an improvement there are basically two handshakes that are done.
(i) "outer handshake" which is made to look as real as possible.
(ii) "inner handshake" which is actually used to authenticate and exchange
"real" certificates.
I am just not able to understand as to why we need two handshakes, also why
do we need "real" and "fake" certificates.
Or if i am missing something, can someone point me to the right resources
where i can get the current tor TLS implementation details.
Regards
Piyush
PhD CSE
IIITD