aisss
October 30, 2024, 11:45am
1
DHT has fewer traffic characteristics than Snowflake, and ISP operators don’t even know you are using TOR.
A large number of users use DHT
DHT
dht.libtorrent.org:25401
dht.transmissionbt.com:6881
router.bittorrent.com:6881
router.utorrent.com:6881
dht.aelitis.com:6881
The DHT powering Hyperswarm
A Kademlia DHT implementation on go-libp2p
other
# mieru Proxy Protocol
To meet the needs of different scenarios, mieru provides two different protocols: TCP and UDP. Because UDP protocol requires more decryption attempts, TCP protocol is faster. In most cases, we recommend using TCP protocol.
The following is a detailed explanation of the mieru proxy protocol. Unless otherwise specified, all data is stored in big endian format.
## Key Generation Method
TCP and UDP protocols share the same key generation method.
Each mieru user needs to provide a username `username` and a password `password`. To generate the key for encryption and decryption from the username and password, the following steps are executed.
The first step is to generate a hashed password `hashedPassword`, whose value is equal to `password` appended with a `0x00` byte and appended with `username`, then takes the SHA-256 checksum.
The second step is to get the current time of the system `unixTime`, whose value is equal to the number of seconds elapsed between January 1, 1970 and now. Round the time of `unixTime` to the nearest 2 minutes, and store it as an 8-byte string from uint64. Get the SHA-256 checksum of the string as `timeSalt`.
In the third step, the key is generated using the [pbkdf2](https://en.wikipedia.org/wiki/PBKDF2) algorithm. In this case, `hashedPassword` is used as the password, `timeSalt` is used as the salt, the number of iterations is 64, the length of the key is 32 bytes, and the hash algorithm is SHA-256.
Since the key depends on the system time, the time difference between the client and the server must not be larger than 4 minutes. The server needs to try maximum 3 different `timeSalt` to decrypt it successfully.
Xray, Penetrates Everything. Also the best v2ray-core, with XTLS support. Fully compatible configuration.
Make a fortune quietly
juicity is a quic-based proxy protocol implementation.
An unidentifiable mechanism that helps you bypass GFW.
Hysteria is a powerful, lightning fast and censorship resistant proxy.
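The key generation steps from the mieru protocol document quoted in the post above, as an added example that is not part of the thread or of the mieru project's code. It assumes "nearest 2 minutes" rounds a half upward, that the server's three `timeSalt` values are its own window plus the two neighbouring ones, and it compares keys where the real server would attempt decryption; the credentials and timestamp are constructed.

```python
import hashlib
import hmac
import struct

WINDOW = 120      # seconds: "nearest 2 minutes"
ITERATIONS = 64   # PBKDF2 iteration count given in the document
KEY_LEN = 32      # key length in bytes

def hashed_password(username: str, password: str) -> bytes:
    # Step 1: SHA-256(password || 0x00 || username)
    return hashlib.sha256(password.encode() + b"\x00" + username.encode()).digest()

def round_time(unix_time: int) -> int:
    # Step 2a: round to the nearest window (assumption: a half rounds up).
    return (unix_time + WINDOW // 2) // WINDOW * WINDOW

def time_salt(rounded: int) -> bytes:
    # Step 2b: SHA-256 of the rounded time stored as a big-endian uint64.
    return hashlib.sha256(struct.pack(">Q", rounded)).digest()

def derive_key(username: str, password: str, unix_time: int) -> bytes:
    # Step 3: PBKDF2-HMAC-SHA256, 64 iterations, 32-byte key.
    return hashlib.pbkdf2_hmac("sha256", hashed_password(username, password),
                               time_salt(round_time(unix_time)), ITERATIONS, KEY_LEN)

def server_candidate_keys(username: str, password: str, server_time: int) -> list:
    # Assumption: the three salts are the server's window and its two neighbours.
    base = round_time(server_time)
    return [derive_key(username, password, base + d) for d in (-WINDOW, 0, WINDOW)]

def server_accepts(client_key: bytes, username: str, password: str,
                   server_time: int) -> bool:
    # Stand-in for trial decryption: does any candidate key match the client's?
    candidates = server_candidate_keys(username, password, server_time)
    return any(hmac.compare_digest(client_key, k) for k in candidates)

if __name__ == "__main__":
    user, pw = "alice", "correct horse"   # constructed credentials
    server_now = 1730000040               # constructed timestamp, a multiple of 120
    for skew in (0, 90, 300):             # client clock ahead by this many seconds
        key = derive_key(user, pw, server_now + skew)
        ok = server_accepts(key, user, pw, server_now)
        print(f"skew {skew:>3}s  key {key.hex()[:16]}...  accepted={ok}")
```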
WofWca
October 30, 2024, 12:01pm
2
Can you clarify how exactly DHT can be utilized to gain access to Tor? What components need to be implemented?
2 Likes
I think it would be similar to having a broker included in each proxy
aisss
November 1, 2024, 1:14pm
4
client → ← DHT → ← relay
client → ← DHT → ← quic:// → ← relay
client → ← DHT → ← snowflake → ← quic:// → ← relay
In the past decades, the internet has emerged as the fastest way to access information. However, this revolutionary information age comes with its own set of challenges. The privacy of Internet users is at increasing risk with the advances in...
QUIC on TOR
This reminds me of ZeroNet.
Which brings up some questions:
Bittorrent transmission doesn’t use the QUIC protocol, making this transmission method extremely easy to detect (a client suddenly switches to using the QUIC protocol to communicate with previously connected nodes after initiating a DHT network connection). ZeroNet also does poorly in this regard (China hasn’t blocked 0Net only because there are few users, making it not worth the attention).
I think solving the problem of malicious nodes in the DHT network will be another challenge (ZeroNet once tried to implement a DHT network for 0Net, but ultimately failed to do so due to the inability to solve the problem of establishing trust between clients).
Tracker servers are not that reliable, and it’s easy for tracker servers to detect that it’s not a Bittorrent client. Maintaining trusted tracker servers would also make it easier for censors to block the entire network.