One Time Auth

One-time authentication (shortened as OTA) is a new experimental feature designed to improve the security against CCA. You should understand the protocol before reading this document.

By default, the server that supports OTA should run in the compatible mode. OTA is only applied if the client's request header has a flag set. However, if the server switch on OTA explicitly, all clients must switch on OTA, otherwise connections will be denied.

The authentication method is HMAC-SHA1 which has wide supports among all major platforms and fairly good speed.

TCP

The structure of an OTA-enabled request (unencrypted) is shown below:

+------+---------------------+------------------+-----------+

| ATYP | Destination Address | Destination Port | HMAC-SHA1 |

+------+---------------------+------------------+-----------+

|  1   |       Variable      |         2        |    10     |

+------+---------------------+------------------+-----------+

ATYP is a 8-bit char where the rightmost four bits, 0b00001111 (0xf), are reserved for address types, the flag bit of OTA is 0b00010000 (0x10). In C/C++, simply check if ATYP & 0x10 == 0x10, then OTA is enabled.

The key of HMAC-SHA1 is (IV + KEY), and the input is the whole header (not including HMAC-SHA1). The output of HMAC-SHA1 is truncated to leftmost 80 bits (10 bytes) according to RFC 2104.

Chunk Authentication

The structure of an OTA-enabled chunk (decrypted) of shadowsocks TCP relay is shown below:

+----------+-----------+----------+----

| DATA.LEN | HMAC-SHA1 |   DATA   | ...

+----------+-----------+----------+----

|     2    |     10    | Variable | ...

+----------+-----------+----------+----

DATA.LEN is a 16-bit big-endian integer indicating the length of DATA.

The input of HMAC-SHA1 is DATA. And the key of HMAC-SHA1 is (IV + Chunk ID) where Chunk ID is an unsigned integer counted per connection from 0. In order to achieve this, both server side and client side need to keep a counter for each TCP connection. Chunk ID must be converted to big-endian before constructing the key of HMAC-SHA1.

For a client, after constructing an OTA-enabled request, the whole chunk is encrypted as a payload then sent to server-side.

Tips:

  • The server must check the completeness of a shadowsocks TCP request before verifying HMAC-SHA1 and forwarding.
  • The chunk authentication is only applied for the packets sent from client-side shadowsocks.

UDP

There is no session in UDP relay, each UDP packet contains both header and data. Therefore, for an OTA-enabled UDP packet, the datagram structure (unencrypted) is slightly different:

+------+---------------------+------------------+----------+-----------+

| ATYP | Destination Address | Destination Port |   DATA   | HMAC-SHA1 |

+------+---------------------+------------------+----------+-----------+

|  1   |       Variable      |         2        | Variable |     10    |

+------+---------------------+------------------+----------+-----------+

The key of HMAC-SHA1 is (IV + KEY), and the input is the header plus data.

One Time Auth的更多相关文章

  1. Laravel 5.3 auth中间件底层实现详解

    1. 注册认证中间件, 在文件 app/Http/Kernel.php 内完成: protected $routeMiddleware = [ 'auth' => \Illuminate\Aut ...

  2. httpclient进行basic auth认证

    private HttpClientContext context = HttpClientContext.create(); public void addUserOAuth(String user ...

  3. Apache增加Basic Auth

    在.htaccess文件中增加 AuthUserFile /var/www/htpasswd/test.htpasswd AuthName EnterPassword AuthType Basic r ...

  4. asp.net mvc api auth

    一.登录 /// <summary> /// 获取令牌 /// </summary> /// <param name="userName">用户 ...

  5. Send Push Notifications to iOS Devices using Xcode 8 and Swift 3, APNs Auth Key

    Send Push Notifications to iOS Devices using Xcode 8 and Swift 3 OCT 6, 2016 Push notifications are ...

  6. RBAC在thinkphp中有Auth类 可以很好的实现权限控制

    import('ORG.Util.Auth');//加载类库 $auth=new Auth(); if($auth->check('show_button',1)){// 第一个参数是规则名称, ...

  7. 智慧城市的【Auth】登录对象

    从Auth对象看前端:1.将与Auth对象相关的功能分离出来.所含的内容包括:[个人中心相关信息的显示,注册,登录,忘记密码,修改密码,个人信息修改]. 2.从“我的”页面开始,显示使用哪儿的数据,需 ...

  8. auth用户认证库

    关于auth库,建议如下:1. ion_auth,基于Redux重写而成,非常不错的认证库,国外用的很多,几个最新的ci2.0.2基础上的开源系统(如doveforum)都用它,支持ci 2.0和以上 ...

  9. Redis集群~StackExchange.Redis(10月6号版1.1.608.0)连接Twemproxy支持Auth指令了

    回到目录 对于StackExchange.Redis这个驱动来说,之前的版本在使用Proxy为Twemproxy代理时,它是不支持Password属性的,即不支持原始的Auth指令,而我也修改过源代码 ...

  10. Server asks us to fall back to SIMPLE auth, but this client is configured to only allow secure connections.

    我是在flume向hdfs 写(sink)数据时遇到的这个错误. Server (是指hdfs) asks us to fall back to SIMPLE auth, but this clien ...

随机推荐

  1. #region 自适应屏幕分辨率

            #region 自适应屏幕分辨率 [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Auto)]        public ...

  2. Interleaving String leetcode java

    题目: Given s1, s2, s3, find whether s3 is formed by the interleaving of s1 and s2. For example, Given ...

  3. 【wikioi】1191 数轴染色(线段树+水题)

    http://wikioi.com/problem/1191/ 太水的线段树了,敲了10分钟就敲完了,但是听说还有一种并查集的做法?不明觉厉. #include <cstdio> #inc ...

  4. asp.net 微信企业号办公系统-流程设计--流程步骤设置-策略设置

    策略设置包括当前步骤的流转方式,处理人员,退回策略等设置. 流转类型:当前步骤后面有多个步骤时,此类型选择可以决定后续步骤的发送方式. 1.系统控制:由系统根据您在线上设置的流转条件来判断该发送到哪一 ...

  5. 新浪微博iOS客户端架构与优化之路

    新浪微博iOS客户端架构与优化之路   随着Facebook.Twitter.微博的崛起,向UGC.PGC.OGC,自媒体提供平台的内 容消费型App逐渐形成了独特的客户端架构模式.与电商和通讯工具类 ...

  6. [转] - QBuffer类参考

    QBuffer类参考 QBuffer类是一个操作QByteArray的输入/输出设备. 详情请见…… #include <qbuffer.h> 继承了QIODevice. 所有成员函数的列 ...

  7. 关于如何用php 获取当前脚本的url

    关于用php 获取当前脚本的url很多朋友会说很简单,但是要获取很详细的就要经过多次判断哦. $PHP_TIME = time();$PHP_SELF = isset($_SERVER['PHP_SE ...

  8. 用ultraISO 制作一个MSdos启动软盘镜像

    见过软盘,但是没用过,在虚拟机里试试. 磁带,软盘,光盘,硬盘…… 储存介质一代代更新,看到的img.iso文件都是叫做镜像文件(image file ).image 即图片照片,所谓的image f ...

  9. UVALive 7472

    题意 有n个循环 给出x a b c xi+1=(a*x+b)%c 要求是从这些循环中各取一个数 使加和最大并且给出一个m 满足sum%m!=0 n的范围是4次方 c的范围是3次方 训练赛的时候看了一 ...

  10. 39. 求分数序列前N项和

    求分数序列前N项和 #include <stdio.h> int main() { int i, n; double numerator, denominator, item, sum, ...