Title
TapDance: end-to-middle anticensorship without flow blocking
Abstract
In response to increasingly sophisticated state-sponsored Internet censorship, recent work has proposed a new approach to censorship resistance: end-to-middle proxying. This concept, developed in systems such as Telex, Decoy Routing, and Cirripede, moves anticensorship technology into the core of the network, at large ISPs outside the censoring country. In this paper, we focus on two technical obstacles to the deployment of certain end-to-middle schemes: the need to selectively block flows and the need to observe both directions of a connection. We propose a new construction, TapDance, that removes these requirements. TapDance employs a novel TCP-level technique that allows the anticensorship station at an ISP to function as a passive network tap, without an inline blocking component. We also apply a novel steganographic encoding to embed control messages in TLS ciphertext, allowing us to operate on HTTPS connections even under asymmetric routing. We implement and evaluate a TapDance prototype that demonstrates how the system could function with minimal impact on an ISP's network operations.
Year
2014
Venue
USENIX Security
Field
Steganography, Internet censorship, Software deployment, Computer science, Computer security, Flow (psychology), Network operations center, Ciphertext, Telex, Encoding (memory)
DocType
Conference
Citations
12
PageRank
0.76
References
33
Authors
3
Name               Order  Citations  PageRank
Eric Wustrow       1      564        37.93
Colleen Swanson    2      12         0.76
J. Alex Halderman  3      2301       149.67