Disguising maidsafe packets

Wondering if the devs have considered if or how they might disguise MaidSafe packets. For instance SkypeMorph diguises Tor packets making them appear as skype packets and thus inhibiting censorship. I know that MaidSafe is using RUDP, so also curious how easily this protocol can be disguised.



rudp also does encrypt hop to hop, the idea is the whole payload is encrypted which includes rudp header info. Then all that is left is packets with udp header and encrypted payload.


Specifically, my concern is that, should a government like China decide that MAIDSAFE is ‘bad’, whatever that means, they will seek a way to detect the specific packet type and then block it. UDP is ubiquitous, so blocking that would be impractical, …so you are indicating that there is no means , that you are aware, of distinguishing the MAIDSAFE rudp packet from conventional UDP packets? TOR is fully encrypted, but they have ways of distinguishing TOR packets from normal internet traffic, which is why I linked the above article on SkypeMorph - a tool that reshapes the packet to appear like skype traffic.

Exactly our approach is to make it appear as udp traffic, on random ports.


I think our advantage may be that the ports we use are random (any port) and change continually. It would be pattern matching that needs done as opposed to deep packet inspection on its own. If the nodes exhibit detectable patters then we need to consider it further. There is a lot can be done there as well though.

As rudp is fairly modular this can hopefully be altered if required with minimal impact on anything else.


I continue to be impressed by the thought that has gone into this project. If it all works as described, it will change the shape of the internet forever.


What about the protocol of finding a node to login to the SAFE network? Could that be identified as connecting to SAFE?

Even the very first bootstrap is encrypted as well. The local cache file that holds last known direct connected (therefor bootstrap OK) nodes and their last known port (and public_key) , so even that is not really detectable.


Thanks for the clarification David. For others reading this thread, I’ll add some more details about what the Tor people are doing:

Tor users are able to utilize a program called obfsproxy which allows pluggable transports (protocols), like skypemorph. Many censorship-oriented countries employ active firewalls that look at packets flowing through ISP’s. it’s sort of a super meta-meta-data analysis. It was discovered, that Tor packets had a distinct appearance and hence they could be targeted by a firewall and blocked. Obfsproxy allows Tor packets to be reshaped according to a particular protocol - a ‘pluggable transport’. The idea is to make the packet appear as something that the firewallers would not want to block - what they would consider legitimate traffic.

1 Like

@dirvine, I was hoping you might have a minute to clarify this

with maidsafe you don’t have any keys to keep like bitcoin right? Just a password that goes to your account, and the self encryption system makes keys for the file chunks using there own data to generate them

Well there are lots and lots of keys, but you do not need to see them or know they are there. All you need is your login credentials, this we then secure as time goes by (yubikey/physical stuff etc.)


Thank you, for confirming this for us, David.

If you want details on this: http://maidsafe.net/SystemDocs/system_components/self_authentication.html