CENSORSHIP RESISTANCE (CMSC 414, APR 17 2018)


  1. CENSORSHIP RESISTANCE (CMSC 414, APR 17 2018)

  2. CENSORSHIP COMES IN MANY FORMS
     DROPPING PACKETS
     • Network operators: Block traffic in their own networks/countries
     • Off-path attackers: Inject TCP RST packets (next week)
     • Routing-capable adversaries: Can influence routes on the Internet
     • Black-holing: Announce a low-cost path, drop traffic
       https://www.youtube.com/watch?v=IzLPKuAOe50
     MONITORING TRAFFIC
     • Boomerang routing: Source/destination close, but route goes through a country known to eavesdrop
     DEANONYMIZATION
     • Identifying and going after whistleblowers
     MISDIRECTING TRAFFIC
     • DNS injection: Send back false DNS responses

  3. ENEMIES OF THE INTERNET
     ~Annual report by Reporters without Borders
     2014: •Syria •Iran •Russia •Bahrain •Saudi Arabia •USA •UAE •UK •Cuba •Uzbekistan •Belarus •India •Pakistan •China •Vietnam •North Korea •Turkmenistan •Ethiopia •Sudan •Surveillance dealers

  4. ENEMIES OF THE INTERNET

  7. COLLATERAL DAMAGE OF INTERNET CENSORSHIP
     • China censors the traffic to or from those within its borders (Known)
     • They do this via DNS injection (Known / expected)
     • They do this to any traffic that traverses its borders (Not known)
     • More traffic traverses China’s borders than we realized (Oh geez..)

  8. CIRCUMVENTING THE CONSTITUTION
     LEGAL REGIMES
     • Patriot Act
     • Foreign Intelligence Surveillance Act (FISA)
     • EO 12333
     WHAT CAN BE MONITORED?
     • Communication with foreign entities
     DO ROUTERS COUNT?
     • What if the US routed traffic out of its borders, then back in — would this count as communication with a foreign entity?
     THIS PAPER: YES, PROBABLY
     • So any traffic could be easily monitored

  9. BLOCKING TOR
     Estimate the number of users on day i based on previous days’ users
     • Gray area: Range of estimated users; usage naturally fluctuates
     • Downturn event: Drops below; possibly indicates censorship
     • Upturn event: Rises above “normal”; possibly indicates circumvention
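One way to turn the estimate-and-compare idea on this slide into code. This is an added example, not taken from the lecture or from the Tor Project; the 7-day window, the median/MAD estimator, the 2% floor, k = 3 and the sample counts are all assumptions constructed for illustration.

```python
from statistics import median


def flag_usage_events(daily_users, window=7, k=3.0, floor=0.02):
    """Compare each day's user count with a range estimated from the
    previous `window` days; return [(day_index, "downturn" | "upturn")]."""
    events = []
    for i in range(window, len(daily_users)):
        history = daily_users[i - window:i]
        center = median(history)
        # Median absolute deviation: robust to a few outlier days in history.
        mad = median([abs(x - center) for x in history])
        # Usage naturally fluctuates, so never let the band collapse to zero.
        spread = max(mad, floor * center)
        low, high = center - k * spread, center + k * spread  # the "gray area"
        if daily_users[i] < low:
            events.append((i, "downturn"))   # possibly indicates censorship
        elif daily_users[i] > high:
            events.append((i, "upturn"))     # possibly indicates circumvention
    return events


# Constructed sample: steady usage, a three-day drop, recovery, then a spike.
SAMPLE = [10000, 10200, 9900, 10100, 10050, 9950, 10150,
          10000, 3000, 2900, 3100, 10100, 10050, 16000]

if __name__ == "__main__":
    for day, kind in flag_usage_events(SAMPLE):
        print(f"day {day}: {SAMPLE[day]} users -> {kind}")
```

Because the median ignores a minority of outlier days, the three blocked days do not drag the estimate down, and the recovery on day 11 is not misreported as an upturn.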

  11. HOW TO BLOCK TOR
     Option 1: Get a list of all Tor nodes; insert them as firewall rules
     • Bridge nodes: Tor does not list some nodes; users must learn them out of band
     • Censors can discover them by actively probing: scan IP addresses, sending protocol-specific messages: handshake (TLS, obfs), Versions (Tor), HTTPS Post (SoftEther), HTTP GET (AppSpot)

  12. HOW TO BLOCK TOR

  13. HOW TO BLOCK TOR
     Option 2: IP-based reputation schemes; will eventually block exit nodes because attackers launder their attack traffic through Tor

  14. DECOY ROUTING (diagram: Accepted website; Censored website; Censoring regime)

  15. DECOY ROUTING
     • After session initialization, divert traffic to the censored site
     • Decoy router, on the path to the accepted website
     • How does the decoy router know the true destination but the censor doesn’t? Client includes “tags” in TLS handshakes that only the decoy router can identify
     (diagram: Accepted website; Censored website; Censoring regime)

  17. DECOY ROUTING TAGS
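A sketch of the tag idea from the decoy routing slides, added here and not taken from the lecture or from any deployed system. It assumes the client and the decoy router share a symmetric key out of band and that the tag is carried in the 32-byte random field of the TLS ClientHello; the function names and the epoch-based replay window are hypothetical.

```python
import hashlib
import hmac
import os

NONCE_LEN = 16  # truly random half of the 32-byte ClientHello random
TAG_LEN = 16    # truncated HMAC half; looks random without the key


def _tag(key: bytes, nonce: bytes, epoch: int) -> bytes:
    msg = b"decoy-tag" + nonce + epoch.to_bytes(8, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]


def tagged_client_random(key: bytes, epoch: int) -> bytes:
    """Client side: build a ClientHello random that carries the tag."""
    nonce = os.urandom(NONCE_LEN)
    return nonce + _tag(key, nonce, epoch)


def router_recognizes(key: bytes, client_random: bytes, epoch: int) -> bool:
    """Decoy-router side: recompute the tag and compare in constant time.
    The current and previous epoch are accepted to tolerate clock skew;
    older tags are rejected, which limits replay of a recorded handshake."""
    if len(client_random) != NONCE_LEN + TAG_LEN:
        return False
    nonce, tag = client_random[:NONCE_LEN], client_random[NONCE_LEN:]
    candidates = [e for e in (epoch, epoch - 1) if e >= 0]
    return any(hmac.compare_digest(tag, _tag(key, nonce, e)) for e in candidates)


if __name__ == "__main__":
    key = os.urandom(32)  # constructed key, shared out of band
    hello = tagged_client_random(key, epoch=100)
    print("router with key:   ", router_recognizes(key, hello, 100))
    print("observer, no key:  ", router_recognizes(os.urandom(32), hello, 100))
    print("ordinary handshake:", router_recognizes(key, os.urandom(32), 100))
```

An on-path observer without the key sees 32 bytes that are indistinguishable from an ordinary ClientHello random, while the decoy router can pick out tagged sessions with one HMAC per handshake.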

  18-20. AVOIDING CENSORS
     One approach
     Incredibly difficult research problem unto itself!
     1. Map the Internet
     2. Choose paths that do not go through the attackers’ countries
     Is it possible to get provable avoidance?

  21-22. SOME RESEARCH HERE AT UMD
     QUESTION: Can we provably avoid countries known to censor/attack?
     DEMONSTRATES: It is possible to get “provable avoidance” without even knowing where exactly packets go

  23-24. Users lack control over routing
     Mostly relegated to destination-based routing
     (diagram: send to)

  25-27. Users lack control over routing
     Collateral damage of censorship
     (diagram: send to ✘; Censor-free; Censor-free; Censoring country)
     Encryption (HTTPS) and Anonymity (Tor): Hide info, but are still subject to censorship

  28. This work (diagram: send to ✘; Censor-free; Censor-free; Censoring country)

  29. This work (diagram: send to; Censor-free; Censor-free; Censoring country)

  30-31. Provable avoidance routing
     (diagram: send to, but avoid)
     Provably disjoint paths; Diffie-Hellman; A broadly applicable primitive; Avoiding boomerangs; Distinct vantage points

  32-39. Provable route avoidance goals
     • Flexibility: Users request their traffic to avoid transiting arbitrary geographic regions, without having to know underlying routes
     • Proof: Provide proofs of avoidance
       Goal: proof that it did not traverse (unadulterated roundtrip of communication)
       Non-goal: proof that it cannot traverse
     How do you prove that something did not happen?

  40-44. Proving the impossible
     How do you prove X did not happen without enumerating everything that could have?
     A && (A ⇒ !X) ⇒ !X
     A ⇒ !X: mutually exclusive
     A is an alibi
