Scheme may thwart Internet censorship

U. MICHIGAN (US) — New technology could beat Internet censorship at its own game by making it virtually impossible for a repressive government to block individual sites.

“The Internet has the ability to catalyze change by empowering people through information and communication services,” says J. Alex Halderman, assistant professor of computer science and engineering at the University of Michigan.

“Repressive governments have responded by aggressively filtering it. If we can find ways to keep those channels open, we can give more people the ability to take part in free speech and access to information.”

The new system, dubbed Telex, “has the potential to shift the arms race regarding censorship to be in favor of free and open communication,” says Halderman, one of its creators.

Typical anticensorship schemes work by routing users around site blocks through an outside server called a proxy. But the censor can monitor the content of traffic on the whole network and eventually finds and block the proxy too.

“It creates a kind of cat and mouse game,” says Halderman.

How it would work

Halderman envisions that users could install Telex software after downloading it from an intermittently available website or borrow a copy from a friend. Internet service providers (ISPs) outside the censoring nation would then deploy equipment called Telex stations.

When a user wanted to visit a blacklisted site, he would establish a secure connection to an HTTPS website, which could be any password-protected site that isn’t blocked. This is a decoy connection.

The Telex software marks the connection as a Telex request by inserting a secret-coded tag into the page headers. The tag would then utilize a cryptographic technique called public-key steganography.

“Steganography is hiding the fact that you’re sending a message at all,” Halderman says. “We’re able to hide it in the cryptographic protocol so that you can’t even tell that the message is there.”

The user’s request passes through routers at various ISPs, some of which would be Telex stations. These stations would hold a private key that lets them recognize tagged connections from Telex clients. The stations would divert the connections so that the user could get to any site on the Internet.

Under the system, large segments of the Internet would need to be involved through participating ISPs.
“It would likely require support from nations that are friendly to the cause of a free and open Internet,” Halderman says.

“The problem with any one company doing this, for example, is they become a target. It’s a collective action problem. You want to do it on a wide scale that makes connecting to the Internet almost an all or nothing proposition for the repressive state.”

The technology is at the proof-of-concept stage. Experimenting software has been developed and researchers have put up one Telex station on a mock ISP in their lab that is being used for daily web browsing. A client in Beijing has been able to stream YouTube videos even though the site is blocked there.

More news from University of Michigan: www.ns.umich.edu/