All existing anti-censorship systems for the Web rely on proxies to grant clients access to censored information. Therefore, they face the proxy discovery problem: how can clients discover the proxies without having the censor discover and block these proxies? To avoid widespread discovery and blocking, proxies must not be widely published and should be discovered in-band. In this paper, we present a proxy discovery mechanism called keyspace hopping that meets this goal. Similar in spirit to frequency hopping in wireless networks, keyspace hopping ensures that each client discovers only a small fraction of the total number of proxies. However, requiring clients to independently discover proxies from a large set makes it practically impossible to verify the trustworthiness of every proxy and creates the possibility of having untrusted proxies. To address this, we propose separating the proxy into two distinct components—the messenger, which the client discovers using keyspace hopping and which simply acts as a gateway to the Internet; and the portal, whose identity is widely-published and whose responsibility it is to interpret and serve the client’s requests for censored content. We show how this separation, as well as in-band proxy discovery, can be applied to a variety of anti-censorship systems.
- Discovery Technique
- Client Request
- Hide Message
- USENIX Security Symposium
- Hiding Function
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
This is a preview of subscription content, access via your institution.
Tax calculation will be finalised at checkout
Purchases are for personal use onlyLearn about institutional subscriptions
Unable to display preview. Download preview PDF.
Beam, L.: Leaderless resistance (February 1992), http://www.louisbeam.com/leaderless.htm
Feamster, N., Balazinska, M., Harfst, G., Balakrishnan, H., Karger, D.: Infranet: Circumventing Web censorship and surveillance. In: Proceedings of the 11th USENIX Security Symposium, San Francisco, CA (August 2002)
Freedman, M.J., Morris, R.: Tarzan: A peer-to-peer anonymizing network layer. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, Washington, D.C. (November 2002)
Hintz, A.: Fingerprinting websites using traffic analysis. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 171–178. Springer, Heidelberg (2003)
Juels, A., Brainard, J.: Client puzzles: A cryptographic defense against connection depletion attacks. In: Proceddings of the Network and Distributed System Security Symposium (NDSS 1999), San Diego, CA (February 1999)
Netcraft web server survey (2003), http://www.netcraft.com/survey/
PGP FAQ, http://www.faqs.org/faqs/pgp-faq/
Proakis, J., Salehi, M.: Communication System Engineering. Prentice-Hall, Englewood Cliffs (1994)
Provos, N.: Defending against statistical steganalysis. In: Proceedings of the 10th USENIX Security Symposium, Washington, D.C. (August 2001)
Sun, Q., Simon, D.R., Wang, Y.-M., Russell, W., Padmanabhan, V., Qiu, L.: Statistical identification of encrypted Web browsing traffic. In: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA (May 2002)
Zero-Knowledge Systems. Freedom WebSecure, http://www.freedom.net/products/websecure/
Syverson, P.F., Goldschlag, D.M., Reed, M.G.: Anonymous connections and onion routing. In: Proceedings of the 18th Annual Symposium on Security and Privacy, Oakland, CA (May 1997)
The Cult of the Dead Cow (cDc). Peekabooty, http://www.vnunet.com/News/1121286
Editors and Affiliations
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Feamster, N., Balazinska, M., Wang, W., Balakrishnan, H., Karger, D. (2003). Thwarting Web Censorship with Untrusted Messenger Discovery. In: Dingledine, R. (eds) Privacy Enhancing Technologies. PET 2003. Lecture Notes in Computer Science, vol 2760. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-40956-4_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20610-1
Online ISBN: 978-3-540-40956-4
eBook Packages: Springer Book Archive