Paper 2024/1086

Obfuscated Key Exchange

Felix Günther, IBM Research - Zurich
Douglas Stebila, University of Waterloo
Shannon Veitch, ETH Zurich
Abstract

Censorship circumvention tools enable clients to access endpoints in a network despite the presence of a censor. Censors use a variety of techniques to identify content they wish to block, including filtering traffic patterns that are characteristic of proxy or circumvention protocols and actively probing potential proxy servers. Circumvention practitioners have developed fully encrypted protocols (FEPs), intended to have traffic that appears indistinguishable from random. A FEP is typically composed of a key exchange protocol to establish shared secret keys, and then a secure channel protocol to encrypt application data; both must avoid revealing to observers that an obfuscated protocol is in use. We formalize the notion of obfuscated key exchange, capturing the requirement that a key exchange protocol's traffic "looks random" and that it resists active probing attacks, in addition to ensuring secure session keys and authentication. We show that the Tor network's obfs4 protocol satisfies this definition. We then show how to extend the obfs4 design to defend against stronger censorship attacks and present a quantum-safe obfuscated key exchange protocol. To instantiate our quantum-safe protocol using the ML-KEM (Kyber) standard, we present Kemeleon, a new mapping between ML-KEM public keys/ciphertexts and uniform byte strings.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
fully encrypted protocols, obfuscation, key exchange, obfs4, ML-KEM, quantum-safe
Contact author(s)
mail @ felixguenther info
dstebila @ uwaterloo ca
shannon veitch @ inf ethz ch
History
2024-07-05: approved
2024-07-03: received
Short URL
https://ia.cr/2024/1086
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/1086,
      author = {Felix Günther and Douglas Stebila and Shannon Veitch},
      title = {Obfuscated Key Exchange},
      howpublished = {Cryptology ePrint Archive, Paper 2024/1086},
      year = {2024},
      note = {\url{https://eprint.iacr.org/2024/1086}},
      url = {https://eprint.iacr.org/2024/1086}
}