ostp/ostp-server at 0418e5728c23729ee021adb6d8cef58fe5481bab - ostp

History

ospab 8abffde0fd security: per-packet handshake masks (eliminates correlation fingerprint) Previously handshake obfuscation used a FIXED mask derived from HMAC(obf_key, u64::MAX). This meant bytes [4..6] (noise_len XOR fixed_mask) produced the SAME 2-byte value on every handshake from the same access key — a correlation fingerprint for DPI. Now BOTH data and handshake packets use the same payload-sampling approach: mask = HMAC-SHA256(obf_key, payload_sample[0..32]) For data packets: payload_sample = AEAD ciphertext (random per packet) For handshake packets: payload_sample = Noise ephemeral key (random per connection) Result: every single byte on the wire is cryptographically independent across packets. No fixed patterns, no correlation between connections. Wire analysis after this change: - Packet sizes: random (84-182 for handshake, variable for data) - All header bytes: unique per packet (XOR with unique HMAC mask) - Payload bytes: AEAD ciphertext / Noise handshake (indistinguishable from random) - No protocol signatures, no version fields, no magic bytes visible on wire	2026-05-17 15:20:21 +03:00
..
src	security: per-packet handshake masks (eliminates correlation fingerprint)	2026-05-17 15:20:21 +03:00
Cargo.toml	perf: heavily tune UDP socket buffers via socket2 to support 10Gbps+ micro-burst resilience	2026-05-17 02:19:59 +03:00

ospab 8abffde0fd security: per-packet handshake masks (eliminates correlation fingerprint)

Previously handshake obfuscation used a FIXED mask derived from
HMAC(obf_key, u64::MAX). This meant bytes [4..6] (noise_len XOR
fixed_mask) produced the SAME 2-byte value on every handshake from
the same access key — a correlation fingerprint for DPI.

Now BOTH data and handshake packets use the same payload-sampling
approach:
  mask = HMAC-SHA256(obf_key, payload_sample[0..32])

For data packets:   payload_sample = AEAD ciphertext (random per packet)
For handshake packets: payload_sample = Noise ephemeral key (random per connection)

Result: every single byte on the wire is cryptographically independent
across packets. No fixed patterns, no correlation between connections.

Wire analysis after this change:
- Packet sizes: random (84-182 for handshake, variable for data)
- All header bytes: unique per packet (XOR with unique HMAC mask)
- Payload bytes: AEAD ciphertext / Noise handshake (indistinguishable from random)
- No protocol signatures, no version fields, no magic bytes visible on wire

2026-05-17 15:20:21 +03:00

src

security: per-packet handshake masks (eliminates correlation fingerprint)

2026-05-17 15:20:21 +03:00

Cargo.toml

perf: heavily tune UDP socket buffers via socket2 to support 10Gbps+ micro-burst resilience

2026-05-17 02:19:59 +03:00