Mailet: Instant Social Networking under Censorship

Li, Shuai; Hopper, Nicholas

doi:10.1515/popets-2016-0011

Cited by 7 publications

(12 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The controller would thus confirm DR flows by matching the content of TLS ClientRandom in ClientHello (of potential DR flows), to the one received in the email. On the use of email: In the past, email has been successfully used as a covert channel for transporting censored content [32,36,37,41]. Similar to such efforts, we also assume that users have access to some form of TLS supported email (either webmail or regular SMTPS).…”

Section: Improved Covert Signallingmentioning

confidence: 99%

“…Thus, even if one email ID is spammed, clients can use other email IDs to access DR service. Additionally, similar to Mailet [41], we can also enforce usage limitations on clients or can use Captcha [55] and/or puzzles. d) Fake Sessions Attack: As a more sophisticated attack, the adversary could send the controller "legitimate-looking" emails, which set up decoy routing sessions with random source IP addresses and ISNs.…”

Section: ) Dos Attacksmentioning

confidence: 99%

See 1 more Smart Citation

SiegeBreaker: An SDN Based Practical Decoy Routing System

Sharma

Gosain

Sagar

et al. 2020

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

Decoy Routing (DR), a promising approach to censorship circumvention, uses routers (rather than end hosts) as proxy servers. Users of censored networks, who wish to use DR, send specially crafted packets, nominally addressed to an uncensored website. Once safely out of the censored network, the packets encounter a special router (the Decoy Router) which identifies them using a secret handshake, and proxies them to their true destination (a censored site). However, DR has implementation problems: it is infeasible to reprogram routers for the complex operations required. Existing DR solutions fall back on using commodity servers as a Decoy Router. But as servers are not efficient at routing, most web applications show poor performance when accessed over DR. A further concern is that the Decoy Router has to inspect all flows in order to identify the ones that need DR. This may itself be a breach of privacy for other users (who neither require DR nor want to be monitored). In this paper, we present a novel DR system, Siege- Breaker (SB), which solves the aforementioned problems using an SDN-based architecture. Previous proposals involve a single unit which performs all major operations (inspecting all flows, identifying the DR requests and proxying them). In contrast, SB distributes the tasks for DR among three independent modules. (1) The SDN controller identifies DR requests via a covert, privacy preserving scheme, and does not need to inspect all flows. (2) The reconfigurable SDN switch intercepts packets, and forwards them to a secret proxy efficiently. (3) The secret proxy server proxies the client’s traffic to the censored site. Our modular, lightweight design achieves performance comparable to direct TCP downloads, for both in-lab setups, and Internet based tests involving commercial SDN switches.

show abstract

Section: Improved Covert Signallingmentioning

confidence: 99%

Section: ) Dos Attacksmentioning

confidence: 99%

SiegeBreaker: An SDN Based Practical Decoy Routing System

Sharma

Gosain

Sagar

et al. 2020

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

show abstract

“…Mailet. Li and Hopper design a secure computation protocol for TLS GCM and use it to realize a censorshipcircumvention system named Mailet [39]. As in our setting, they have a client and proxy that jointly compute a TLS record to allow authentication to a remote server (Twitter in the case of Mailet).…”

Section: Related Workmentioning

confidence: 99%

Blind Certificate Authorities

Wang

Asharov

Pass

et al. 2019

2019 IEEE Symposium on Security and Privacy (SP)

View full text Add to dashboard Cite

We explore how to build a blind certificate authority (CA). Unlike conventional CAs, which learn the exact identity of those registering a public key, a blind CA can simultaneously validate an identity and provide a certificate binding a public key to it, without ever learning the identity. Blind CAs would therefore allow bootstrapping truly anonymous systems in which no party ever learns who participates. In this work we focus on constructing blind CAs that can bind an email address to a public key.To do so, we first introduce secure channel injection (SCI) protocols. These allow one party (in our setting, the blind CA) to insert a private message into another party's encrypted communications. We construct an efficient SCI protocol for communications delivered over TLS, and use it to realize anonymous proofs of account ownership for SMTP servers. Combined with a zero-knowledge certificate signing protocol, we build the first blind CA that allows Alice to obtain a X.

show abstract

“…In §2, we analyze previously proposed censorship-resistant systems for their ability to achieve behavioral realism and behavioral independence and find that no previous system simultaneously achieves both properties. In §3, we further motivate the importance of considering protocol behavior and demonstrate how previous email-based censorship-resistant systems that do not provide behavior independence [38,42] can be trivially detected through traffic analysis. We present the results from a novel internet measurement of the accessibility of email protocols in censored regions in §4.1, wherein we find that out-of-country email connections are allowed to some degree for all tested countries.…”

Section: Introductionmentioning

confidence: 99%

“…Raven supports covert interaction with TLS-based services through the use of Intel processor Software Guard Extensions (SGX) [3]. More specifically, Raven enables secure, delay-tolerant TLS communication with Twitter, an established use-case for censorship circumvention tools [42,59]. In particular, Twitter has become a recent target of state-sponsored censorship activity as governments attempt to control the flow of information on their networks [76], and Raven could be used to combat these efforts.…”

Section: Introductionmentioning

confidence: 99%

Learning to Behave: Improving Covert Channel Security with Behavior-Based Designs

Wails

Stange

Troper

et al. 2022

PoPETs

View full text Add to dashboard Cite

Censorship-resistant communication systems generally use real-world cover protocols to establish a covert channel through which uncensored communication can occur. Unfortunately, many previously proposed systems use cover protocols inconsistently with the way humans normally use those protocols, leading to anomalous network traffic patterns that have been shown to be discoverable by real-world censors. In this paper, we argue that censorship-resistant communication systems should follow two behavior-based design properties: (i) behavioral independence: systems should isolate the operation of their covert channels from the operation of their cover protocols, and (ii) behavioral realism: systems should either opportunistically use existing genuine cover protocol instances or run new protocol instances that are modeled after genuine ones. These properties ensure that the behavior of a system’s users will not degrade its security. We demonstrate how to achieve these properties through the design and evaluation of Raven, a censorship-resistant messaging system that uses email cover protocols identically to the way humans use email. Raven uses a generative adversarial network that is trained on genuine email data to control the timing and sizes of the email messages it sends and receives, and these messages are transferred independently of user actions. Our evaluation shows that, compared to the state-of-the-art email-based Mailet system, Raven raises the false-positive rate from 3% to 50% when detecting covert channel usage with 100% recall.

show abstract

Mailet: Instant Social Networking under Censorship

Cited by 7 publications

References 25 publications

SiegeBreaker: An SDN Based Practical Decoy Routing System

SiegeBreaker: An SDN Based Practical Decoy Routing System

Blind Certificate Authorities

Learning to Behave: Improving Covert Channel Security with Behavior-Based Designs

Contact Info

Product

Resources

About