|Title:||Practical P2P-Based Censorship Resistance|
|Abstract:||People around the world are using the Internet to access news, to publish information, and to organize themselves. Recently, web services such as Facebook and Twitter have been used to organize peaceful demonstrations against totalitarian leaders, forcing them to resign and even leave the country. However, these regimes are aware of the power given to the people by the Internet and are therefore increasingly limiting access to these services . Cutting off the Internet entirely is an option that is used only seldomly, as it severely impacts the country's economy. The New York Times recently published an article  on a new US State Department policy that plans to support Internet freedom by financing various projects. Possible candidates for government support are projects like UltraSurf or TOR. UltraSurf along with many others, however, is proprietary and not well suited to serve a large amount of user requests due to a client/server based architecture. TOR on the other hand is open source and has a long history in providing anonymity to Internet users. However, its client/server approach has two drawbacks: Poor scalability and weak censorship resistance. Regarding these issues, there is active research and development improving TOR. Nevertheless, TOR was built with anonymity in mind and not censorship resistance. In this work we propose a new P2P-based approach focusing on: Censorship Resistance Our approach is entirely P2P-based, eliminating the need for central servers and therefore single points of failures. Participating nodes use a distributed hash table (DHT) to locate each other and necessary cryptographic certificates. Trusted peers can be used to detect attacks. Peer communication is normalized using SSL to impede traffic analysis. Low Operator Risk One of TOR's strengths is at the same time a weak point: TOR servers can be used for a wide variety of TCP applications, with only a port-based filter built in. Running a TOR exit node can therefore have legal consequences for server operators. We propose a very light-weight approach allowing only HTTP traffic to a small selection of web sites that are legal in the operator's country. Scalability Every user of the network offers the service to others, as well. This approach scales well and at the same time complicates IP-based censorship efforts. Other success factors are ease-of-use and trustworthiness. All of these factors are addressed by our prototype implementation, which is being developed as an open source Firefox plugin.|
|Is part of:||SPRING - SIDAR Graduierten-Workshop über Reaktive Sicherheit, 21.-22. März 2011, Bochum, Deutschland|
|Appears in Collections:||Presentations|
This item is protected by original copyright
All resources in the repository are protected by copyright.