THREAT MODELING AND CIRCUMVENTION OF INTERNET CENSORSHIP David Fifield Committee: J.D. Tygar (chair) Deirdre Mulligan Vern Paxson September 28, 2017
SCOPE – the “border firewall” [diagram of border firewall] In scope: IP address blocks DNS blocks protocol blocks deep packet inspection bandwidth throttling packet injection (RST) Out of scope: domain takedowns server-side blocking forum moderation
PRINCIPLES Need to resist blocking by content. obfuscate/encrypt/disguise the messages you send and receive Need to resist blocking by address. an unblocked IP address (domain name, URL, ...) to talk with The censor’s reluctance to block stems from its aversion to collateral damage – accidental overblocking; i.e. false positives.
PART THE FIRST Modeling Censors
Academic research on circumvention tends to lack grounding in the real world. Without realistic threat models, researchers risk running an imaginary arms race. [picture of bean tendrils]
2016 meta-analysis of circumvention research and practice Practitioners value: finding and unblocked address in the first place x x x x x x x x x x x x x x x x o o o o o o o o not matching a small set of blocked behaviors (blacklist) x x x x x x x x x x x x x x x x x x x x o Academics value: what you do once you have it x x x x x x x x x o o o o o o o o o o o o o o o o o o o conforming to a small set of allowed behaviors (whitelist) x x x x x o o o o o o o o o o o o o o o o o o o o o o o o o o x = deployed systems (with users) o = undeployed systems
Censors do*: block IP addresses block DNS names mine proxy addresses scan for proxies find keywords in URLs inject TCP RSTs inject DNS responses inspect at the packet level complete shutdowns Censors don’t: whitelist IP addresses whitelist DNS names analyze packet size + timing analyze n-grams do expensive stream reassembly *to a first approximation; there are many exceptions
ACTIVE PROBING [diagram of active probing] The censor pretends to be a client, identifying proxies and adding them to a blacklist. First seen in 2011 by the Great Firewall of China – still the only censor known to use it. The censor’s probes come within seconds, from a wide diversity of source addresses.
BRIDGE BLOCKING DELAYS (in progress) Sometimes censors surprise us with their sophistication (active probing blocks new bridges within seconds). Sometimes they surprise us with a seeming lack of competence (failing to block a static set of IP addresses). We should think of censors as complex systems, with many human and machine components, whose goals are sometimes contradictory.
PART THE SECOND Building Circumvention Systems
DOMAIN FRONTING [diagram of domain fronting] TLS SNI doesn’t match HTTP Host header. The censor sees only the TLS SNI and DNS request. Intermediary CDN routes according to the Host header.
Try it at home! $ wget -q -O- https://ajax.aspnetcdn.com/ ... Microsoft HTML ... $ wget -q -O- https://ajax.aspnetcdn.com/ --header "Host: meek.azureedge.net" I’m just a happy little web server. $ wget -q -O- https://a0.awsstatic.com/ ... Amazon HTML ... $ wget -q -O- https://a0.awsstatic.com/ --header "Host d2zfqthxsdq309.cloudfront.net" I’m just a happy little web server. None of this needs to be kept secret from the censor.
Advantages: easy to implement and deploy quantifiably hard to block Disadvantages: expensive (<$1K/month) slower because of HTTP overhead Now integrated into Tor (as the “meek” pluggable transport), Lantern, Psiphon, Signal – widely used. [diagram of Tor Network Settings] [diagram of Signal advanced settings]
SNOWFLAKE (in development) [diagram of Snowflake] Advantages: avoids address blocking with lightweight ephemeral proxies less expensive than full domain fronting Disadvantages: significant engineering challenges WebRTC’s resistance to content-based blocking is unknown.
CLOSING THOUGHTS
THE END