[liberationtech] Anticensorship in the Internet's Infrastructure

Yosem Companys companys at stanford.edu
Mon Jul 18 08:25:47 PDT 2011 

https://freedom-to-tinker.com/blog/jhalderm/anticensorship-internets-infrastructure

Freedom to Tinker is hosted by Princeton's Center for Information Technology
Policy <http://citp.princeton.edu/>, a research center that studies digital
technologies in public life. Here you'll find comment and analysis from the
digital frontier, written by the Center's faculty, students, and friends.

Anticensorship in the Internet's Infrastructure
By J. Alex Halderman <https://freedom-to-tinker.com/user/jhalderm> - Posted
on July 18th, 2011 at 6:30 am

I'm pleased to announce a research result that Eric
Wustrow<https://ericw.us/trow>
, Scott Wolchok <http://scott.wolchok.org/>, Ian
Goldberg<http://www.cs.uwaterloo.ca/~iang/>
, and I <https://jhalderm.com/> have been working on for the past 18
months: Telex <https://telex.cc/>, a new approach to circumventing
state-level Internet censorship. Telex is markedly different from past
anticensorship efforts, and we believe it has the potential to shift the
balance of power in the censorship arms race.

What makes Telex different from previous approaches:

   - Telex operates in the *network infrastructure* — at any ISP between the
   censor's network and non-blocked portions of the Internet — rather than at
   network end points. This approach, which we call “end-to-middle” proxying,
   can make the system robust against countermeasures (such as blocking) by the
   censor.
   - Telex focuses on *avoiding detection* by the censor. That is, it allows
   a user to circumvent a censor without alerting the censor to the act of
   circumvention. It complements anonymizing services like
Tor<https://torproject.org/> (which
   focus on hiding *with whom*the user is attempting to communicate instead
   of *that* that the user is attempting to have an anonymous conversation)
   rather than replacing them.
   - Telex employs a form of *deep-packet inspection* — a technology
   sometimes used to censor communication — and repurposes it to circumvent
   censorship.
   - Other systems require distributing secrets, such as encryption keys or
   IP addresses, to individual users. If the censor discovers these secrets, it
   can block the system. With Telex, there are *no secrets* that need to be
   communicated to users in advance, only the publicly available client
   software.
   - Telex can provide a *state-level response* to state-level censorship.
   We envision that friendly countries would create incentives for ISPs to
   deploy Telex.

For more information, keep reading, or visit the *Telex
website<https://telex.cc/>
*.
The Problem

Government Internet censors generally use firewalls in their network to
block traffic bound for certain destinations, or containing particular
content. For Telex, we assume that the censor government desires generally
to allow Internet access (for economic or political reasons) while still
preventing access to specifically blacklisted content and sites. That means
Telex doesn't help in cases where a government pulls the plug on the
Internet entirely. We further assume that the censor allows access to at
least some secure HTTPS websites. This is a safe assumption, since blocking
all HTTPS traffic would cut off practically every site that uses password
logins.

Many anticensorship systems work by making an encrypted connection (called a
“tunnel”) from the user's computer to a trusted proxy server located outside
the censor's network. This server relays requests to censored websites and
returns the responses to the user over the encrypted tunnel. This approach
leads to a cat-and-mouse game, where the censor attempts to discover and
block the proxy servers. Users need to learn the address and login
information for a proxy server somehow, and it's very difficult to broadcast
this information to a large number of users without the censor also learning
it.
 How Telex Works

 <https://dl.dropbox.com/u/91818/ftt/telex-brief_800.png>

Telex turns this approach on its head to create what is essentially a proxy
server without an IP address. In fact, users don't need to know any secrets
to connect. The user installs a Telex client app (perhaps by downloading it
from an intermittently available website or by making a copy from a friend).
When the user wants to visit a blacklisted site, the client establishes an
encrypted HTTPS connection to a non-blacklisted web server outside the
censor’s network, which could be a normal site that the user regularly
visits. Since the connection looks normal, the censor allows it, but this
connection is only a decoy.

The client secretly marks the connection as a Telex request by inserting a
cryptographic tag into the headers. We construct this tag using a mechanism
called public-key steganography. This means anyone can tag a connection
using only publicly available information, but only the Telex service (using
a private key) can recognize that a connection has been tagged.

As the connection travels over the Internet en route to the non-blacklisted
site, it passes through routers at various ISPs in the core of the network.
We envision that some of these ISPs would deploy equipment we call Telex
stations. These devices hold a private key that lets them recognize tagged
connections from Telex clients and decrypt these HTTPS connections. The
stations then divert the connections to anti­censorship services, such as
proxy servers or Tor entry points, which clients can use to access blocked
sites. This creates an encrypted tunnel between the Telex user and Telex
station at the ISP, redirecting connections to any site on the Internet.

Telex doesn't require active participation from the censored websites,
*or* from
the non-censored sites that serve as the apparent connection destinations.
However, it does rely on ISPs to deploy Telex stations on network paths
between the censor's network and many popular Internet destinations.
Widespread ISP deployment might require incentives from governments.
 Development so Far

At this point, Telex is a concept rather than a production system. It's far
from ready for real users, but we have developed proof-of-concept software
for researchers to experiment with. So far, there's only one Telex station,
on a mock ISP that we're operating in our lab. Nevertheless, we have been
using Telex for our daily web browsing for the past four months, and we're
pleased with the performance and stability. We've even tested it using a
client in Beijing and streamed HD YouTube videos, in spite of YouTube being
censored there.

Telex illustrates how it is possible to shift the balance of power in the
censorship arms race, by thinking big about the problem. We hope our work
will inspire discussion and further research about the future of
anticensorship technology.

You can find more information and prototype software at the *Telex
website<https://telex.cc/>
*, or read our technical paper <https://telex.cc/paper.html>, which will
appear at Usenix Security 2011 <http://www.usenix.org/events/sec11/> in
August.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20110718/ccff57d0/attachment.html>

More information about the liberationtech mailing list