DEFENSES

dust Dust (Wiley 2011 pluggable transport)

Brandon Wiley's blocking-resistant Internet transport protocol; randomized handshake predecessor to obfs / ScrambleSuit lineage.

1 paper on file

2011-wiley-dust Dust: A Blocking-Resistant Internet Transport Protocol University of Texas at Austin · 2011

2 findings tagged here

Dust defeats DPI fingerprinting by constructing all packets from entirely encrypted or single-use random bytes (defeating static string matching), appending a random number of random padding bytes to every packet (defeating length matching), and permitting a complete client–server conversation to be encoded in a single UDP or TCP packet (defeating timing analysis for sufficiently small payloads).

2011-wiley-dust §3, §3 Discussion defense
Dust eliminates the in-band key-exchange fingerprint surface via an out-of-band half-handshake: the server's public key, IP, port, and a single-use secret are bundled into a PBKDF-encrypted invite packet transmitted out-of-band; only the decryption password (not the server IP) appears in plaintext, defeating the email/IM IP-address blocking attacks documented against prior systems.

2011-wiley-dust §3, §3.1 defense