Telex: anticensorship in the network infrastructure

Authors:
Eric Wustrow;Scott Wolchok;Ian Goldberg;J. Alex Halderman
Affiliations:
The University of Michigan;The University of Michigan;University of Waterloo;The University of Michigan
Venue:
SEC'11 Proceedings of the 20th USENIX conference on Security
Year:
2011

Citing 13
Cited 17

Bro: a system for detecting network intruders in real-time

Computer Networks: The International Journal of Computer and Telecommunications Networking
The Sybil Attack

IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Infranet: Circumventing Web Censorship and Surveillance

Proceedings of the 11th USENIX Security Symposium
The Decision Diffie-Hellman Problem

ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
New client puzzle outsourcing techniques for DoS resistance

Proceedings of the 11th ACM conference on Computer and communications security
Low-Cost Traffic Analysis of Tor

SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
SAGE: system for algebra and geometry experimentation

ACM SIGSAM Bulletin
Tor: the second-generation onion router

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Survey on anonymous communications in computer networks

Computer Communications
Fingerprinting websites using traffic analysis

PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Aggregate and verifiably encrypted signatures from bilinear maps

EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
The NIDS cluster: scalable, stateful network intrusion detection on commodity hardware

RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Curve25519: new diffie-hellman speed records

PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography

Cirripede: circumvention infrastructure using router redirection with plausible deniability

Proceedings of the 18th ACM conference on Computer and communications security
Evading censorship with browser-based proxies

PETS'12 Proceedings of the 12th international conference on Privacy Enhancing Technologies
Secure communication over diverse transports: [short paper]

Proceedings of the 2012 ACM workshop on Privacy in the electronic society
Routing around decoys

Proceedings of the 2012 ACM conference on Computer and communications security
SkypeMorph: protocol obfuscation for Tor bridges

Proceedings of the 2012 ACM conference on Computer and communications security
StegoTorus: a camouflage proxy for the Tor anonymity system

Proceedings of the 2012 ACM conference on Computer and communications security
CensorSpoofer: asymmetric communication using IP spoofing for censorship-resistant web browsing

Proceedings of the 2012 ACM conference on Computer and communications security
Making sense of internet censorship: a new frontier for internet measurement

ACM SIGCOMM Computer Communication Review
POSTER: Identity-based steganography and its applications to censorship resistance

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Protocol misidentification made easy with format-transforming encryption

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Elligator: elliptic-curve points indistinguishable from uniform random strings

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Cover your ACKs: pitfalls of covert channel censorship circumvention

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Control-Alt-Hack: the design and evaluation of a card game for computer security awareness and education

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
A Taxonomy of Censors and Anti-Censors Part II: Anti-Censorship Technologies

International Journal of E-Politics
Message in a bottle: sailing past censorship

Proceedings of the 29th Annual Computer Security Applications Conference
Validating web content with senser

Proceedings of the 29th Annual Computer Security Applications Conference
VPN gate: a volunteer-organized public VPN relay system with blocking resistance for bypassing government censorship firewalls

NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper, we present Telex, a new approach to resisting state-level Internet censorship. Rather than attempting to win the cat-and-mouse game of finding open proxies, we leverage censors' unwillingness to completely block day-to-day Internet access. In effect, Telex converts innocuous, unblocked websites into proxies, without their explicit collaboration. We envision that friendly ISPs would deploy Telex stations on paths between censors' networks and popular, uncensored Internet destinations. Telex stations would monitor seemingly innocuous flows for a special "tag" and transparently divert them to a forbidden website or service instead. We propose a new cryptographic scheme based on elliptic curves for tagging TLS handshakes such that the tag is visible to a Telex station but not to a censor. In addition, we use our tagging scheme to build a protocol that allows clients to connect to Telex stations while resisting both passive and active attacks. We also present a proof-of-concept implementation that demonstrates the feasibility of our system.