Telegram strikes back DPI and locks - Fake TLS

Telegram is testing a new version of blocking bypass - masking traffic under normal TLS (https).

Background: Attempts to block Telegram take place in different countries, the first blocking option was simple - blocking the IP addresses of Telegram servers.



Telegram successfully enough fights off this attack, periodically changing the IP from which it is available, however this causes a long initial Connecting ...



Socks proxies became available a little later, but the protocol does not imply encryption, and this made it possible to simply look “inside” the socks tunnel, determining that Telegram was inside it, blocking the proxy.



The next round was the release of MTProto Proxy, a Telegram proxy server that uses its MTProto protocol, but it also had some problems - the packet size is quite characteristic and specific, and many DPIs began to determine Telegram after the first packet - blocking access.



The answer to this behavior was the introduction of a new version of the MTProto protocol - with a random length, now it’s more difficult to determine that the Telegram tunnel is in front of us, part of the DPI began to classify traffic as “another” part but still learned to identify a characteristic pattern and with some probability (not 100%) determine that traffic is related to Telegram

Now we are moving on to the next stage (it seems final or pre-final) - steganography .

Steganography (from the Greek. Στεγανός “hidden” + γράφω “I write”; letters. “Secret writing”) - a method of transmitting or storing information, taking into account the confidentiality of the very fact of such a transfer (storage).

In other words, Telegram will now pretend to be regular TLS (https) traffic.

Why pretend?

The answer lies on the surface - at present, most of the traffic is TLS (https), when using this protocol, this is what your provider or DPI will see:

1. Your IP
2. IP Server
3. Connection domain (URL will not see)

Moreover, active work is underway on the last item in order to remove it, and in addition to two IPs, there was just an encrypted tunnel with unknown contents.



In such a situation, all non-standard protocols begin to attract additional attention and the solution to this problem is one thing - if you look like TLS (https) then there are fewer questions.

Technical implementation

When using the new protocol, the MTProto stream is wrapped in standard HTTPS (the first tunnel negotiation messages) in which the domain (fake) is being transferred. After negotiation of the MTProto protocol - Fake-TLS is not used, then the traffic begins to go with the usual MTProto protocol with a random length (dd - keys).

For reference: Telegram uses 3 types of keys for MTProto Proxy:

1. Regular keys (Easily determined by DPI)
2. The first two letters - dd - random message length (DPI can determine the protocol only by the first connection negotiation packets - it looks like regular https / TLS)
3. The first two letters - ee - Fake TLS + random message length (DPI cannot determine the protocol, the first message and all subsequent ones look like HTTPS / TLS)

Where to try?

There are already two proxy servers that support the new standard (there is still no official proxy server, although it added support for dd keys a long time ago)



Supporting Fake TLS Proxy mode:

1. Python github.com/alexbers/mtprotoproxy
2. Erlang github.com/seriyps/mtproto_proxy/tree/fake-tls

Please note: at the time of writing, the article - the fake tls functionality is experimental, therefore you need to use Beta- or Alpha versions of the software (both proxies and clients)

Which clients support the new mode?

Beta versions of Telegram Desktop, Telegram iOS and say stable version on Android.

How to try?

1. For example, we will use a proxy in Python:
2. Install Proxy:
   
   
   
   

   git clone https://github.com/alexbers/mtprotoproxy.git; cd mtprotoproxy
         
         
   
           
           
           
         
   
       
           
           
           
         
         
   
           
           
           
         
   
       
       

3. :
   
   
   
   

   python3 mtprotoproxy.py
         
         
   
           
           
           
         
   
       
           
           
           
         
         
   
           
           
           
         
   
       
       

4. (experimental) — :
   
   
   
   

   tg: tg://proxy?server=8.8.8.8&port=443&secret=7gAAAAAAAAAAAAAAAAAAAABnb29nbGUuY29t (experimental)
         
         
   
           
           
           
         
   
       
           
           
           
         
         
   
           
           
           
         
   
       
       

5. — , Fake TLS.

?

Google.com , DPI HTTPS Google.com IP — , , .

! (IP) Google.com

Fake TLS — ?

— HTTPS DPI :

1. IP

( eSNI).



Fake TLS , , , Google - Google — , , - - Google HTTPS/TLS .

?

, — — ( ). , HTTPS . ? — , .



— + () — , — MTProto.



eSNI ( ) — .

?

, Telegram , https/TLS WebSocket — .

MTProto — , Telegram — .



, — () , .



— 443 ( HTTPS) ( dd ee), ee dd , .



— , eSNI — .

• SSLH: SSH/HTTPS/OpenVPN/Telegram 443
• Telegram MTProto Proxy Server