Robust censorship-resistant communication

Wang, Qiyan

Permalink

https://hdl.handle.net/2142/45417 Copy

Description

Title

Robust censorship-resistant communication

Author(s)

Wang, Qiyan

Issue Date

2013-08-22T16:39:34Z

Director of Research (if dissertation) or Advisor (if thesis)

Borisov, Nikita

Doctoral Committee Chair(s)

Borisov, Nikita

Committee Member(s)

• Nahrstedt, Klara
• Gunter, Carl A.
• Hopper, Nicholas

Department of Study

Computer Science

Discipline

Computer Science

Degree Granting Institution

University of Illinois at Urbana-Champaign

Degree Name

Ph.D.

Degree Level

Dissertation

Keyword(s)

• Censorship circumvention
• privacy
• security
• anonymity
• Tor

Abstract

A key challenge in censorship circumvention is being able to direct legitimate users to redirection proxies while preventing censors, posing as insiders, from discovering their addresses and blocking them. In this thesis, we study how to protect and/or design censorship circumvention systems to resist the insider attacks. Tor is one of the most popular censorship circumvention systems; it uses {\it bridges} run by volunteers as proxies to evade censorship. We propose {\it rBridge}--a user reputation system for bridge distribution; it assigns bridges according to the past history of users to limit corrupt users from repeatedly blocking bridges, and employs an introduction-based mechanism to invite new users while resisting Sybil attacks. Our evaluation results show that rBridge provides much stronger protection for bridges than any existing scheme. We also address another important challenge to the bridge distribution---preserving the privacy of users' bridge assignment information, which can be exploited by malicious parties to degrade users' anonymity in anonymous communication. We propose a new framework for censorship-resistant web browsing called {\it CensorSpoofer} that addresses this challenge by exploiting the asymmetric nature of web browsing traffic and making use of IP spoofing. CensorSpoofer de-couples the upstream and downstream channels, using a low-bandwidth indirect channel for delivering outbound requests (URLs) and a high-bandwidth direct channel for downloading web content. The upstream channel hides the request contents using steganographic encoding within Email or instant messages, whereas the downstream channel uses IP address spoofing so that the real address of the proxies is not revealed either to legitimate users or censors. We built a proof-of-concept prototype that uses encrypted VoIP for this downstream channel and demonstrated the feasibility of using the CensorSpoofer framework in a realistic environment.

Graduation Semester

2013-08

Permalink

http://hdl.handle.net/2142/45417

Copyright and License Information

Copyright 2013 Qiyan Wang

Owning Collections