First Obfuscated TCP patches (23 Apr 2008)
After a day of kernel hacking, I have a few patches which, together, make a start towards implementing ObsTCP.
- Add support for Jumbo TCP options, as documented here: tcp-jumbo-options.patch
- Add curve25519: curve25519.patch
- Some ObsTCP work: tcp-obsfucated-tcp.patch
At the moment, it will advertise ObsTCP on all connections and, if you have two kernels which support it, you'll get a shared key setup. At the moment, the private key is generated at boot time and since the host doesn't have any entropy then, it's always the same. So I'll have to do something special there. Also, I've a problem where the ACK with the connecting host's public key can get lost. Since ACKs aren't ACKed, this can be a real pain. I think I need to include it in every transmitted packet until (yet another) option signifies that it's been received.
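The lost-ACK problem and the proposed fix, modelled in user space as an added example (this is not code from the patches). The struct, field and function names are hypothetical, and the model assumes that replies from the server are never lost.

```c
#include <stdbool.h>
#include <stddef.h>

/* Hypothetical per-connection state; names are illustrative, not from the patches. */
struct obs_conn {
    bool peer_has_our_key;  /* set once the peer's "key received" option arrives */
    bool have_peer_key;     /* set once we have seen the peer's public key */
};

struct obs_pkt {
    bool carries_pubkey;    /* public-key option present */
    bool carries_key_rcvd;  /* "key received" confirmation option present */
};

/* Sender: attach the key option to every packet until it is confirmed. */
static struct obs_pkt obs_build(const struct obs_conn *c)
{
    struct obs_pkt p = { !c->peer_has_our_key, c->have_peer_key };
    return p;
}

/* Receiver: record the key and any confirmation carried by the packet. */
static void obs_recv(struct obs_conn *c, const struct obs_pkt *p)
{
    if (p->carries_pubkey) c->have_peer_key = true;
    if (p->carries_key_rcvd) c->peer_has_our_key = true;
}

/* Send n client packets; drop[i] loses client packet i. Replies are assumed
 * reliable. With repeat == false the key rides only on the first packet (the
 * single-ACK case). Returns how many client packets carried the key, or -1
 * if the server never received it. */
int obs_simulate(const bool *drop, size_t n, bool repeat)
{
    /* After SYN/SYN-ACK the client already holds the server's key. */
    struct obs_conn client = { false, true }, server = { true, false };
    int keyed = 0;
    for (size_t i = 0; i < n; i++) {
        struct obs_pkt p = obs_build(&client);
        if (!repeat && i > 0) p.carries_pubkey = false;
        keyed += p.carries_pubkey;
        if (drop[i]) continue;
        obs_recv(&server, &p);
        struct obs_pkt r = obs_build(&server);
        obs_recv(&client, &r);
    }
    return server.have_peer_key ? keyed : -1;
}
```

With the first two client packets dropped, the single-ACK variant never delivers the key, while the repeat-until-confirmed variant delivers it on the third packet and stops attaching it afterwards.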