The Parrot is Dead: Observing Unobservable Network Communication
Transcript of The Parrot is Dead: Observing Unobservable Network Communication
TapDance: End-to-Middle Anticensorship without Flow Blocking

CS898AB Privacy Enhancing Technologies, Dr. Murtuza Jadliwala
Presented by Qasem Albasha
Content
• Indirect Scheme
• End-to-Middle Scheme
• Existing E2M Protocols
• Telex Scheme
• TapDance Scheme
• Performance
• Security Analysis
• Comparison
• Conclusion
Indirect Scheme

(Diagram with the labels Client, Local Network, Firewall, Indirect Server, Website.com: the client's traffic crosses the firewall to the indirect server, which fetches Website.com on its behalf.)
End-to-Middle Scheme

(Diagram with the labels Client, Local Network, Firewall, Intermediate ISP, Decoy.com, Blocked.com: the client opens a connection to Decoy.com; a station at an intermediate ISP beyond the firewall, on the path to the decoy, recognizes the tagged flow and relays it to Blocked.com.)
Existing E2M Protocols

There are three original publications on end-to-middle proxying. They differ in how the client tags a flow so that only the ISP station, and not the censor, can recognize it:
• Telex: Elliptic Curve Diffie-Hellman (ECDH); the tag is a public key point plus a hash of the ECDH shared secret
• Decoy Routing: an HMAC keyed with a shared secret key over the current hour and a per-hour number
• Cirripede: ECDH, as in Telex (public key point, hash of the ECDH shared secret)
Telex end-to-middle Scheme

(Diagram only; no transcribed text.)
Problems With Existing Protocols
• Too slow: inline flow blocking requires the ISP station to sit in-line on the path and block the client's flow to the decoy server, so most ISPs refuse to implement it.
• Limited key size, because of where the tag has to be hidden:
  • Telex, Decoy Routing: inside the TLS handshake (the client random)
  • Cirripede: inside TCP initial sequence numbers (ISNs)
Security Analysis

Passive Attacks
• Cipher suites: the client offers Chrome's cipher suite list
• Cryptographic attack: the tag uses ECC Curve25519, which is secure
• Forward secrecy: the ISP station generates many private keys ahead of time
• Packet timing and length
• Lack of server response
  • the censor may disrupt the path between client and TapDance station
  • such false pickups may happen intermittently (due to ISP station malfunction)
  • a client may attempt to find new TapDance stations by probing many potential decoy servers with tagged TLS connections
• TCP/IP protocol fingerprinting
Active Attacks
• TLS attacks: the censor may issue fake TLS certificates from a certificate authority under its control and then target TLS sessions with a man-in-the-middle attack (unlikely)
• Packet injection
• Active defense
• Replay attacks: to protect against duplicated tags, the station could record previous tags and refuse to respond to a repeated tag
• Denial of service: the station can handle 1.2 Gbps of pure TLS application traffic
• Routing around the proxy
• Tunneling around the proxy
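The tag construction from the existing-protocols slide (Telex and Cirripede: a public key point plus a hash of the ECDH shared secret) together with the replay defense from the active-attacks slide (record previous tags, refuse to respond to a repeat), as an added example. This is not code from Telex, Cirripede, Decoy Routing or TapDance, and it simplifies in ways the real systems cannot: the tag travels as an opaque 40-byte field of the handshake (the real protocols must fit it into the TLS client random, a TCP ISN, or TapDance's chosen ciphertext), the public point is sent as a raw coordinate rather than in an encoding indistinguishable from random bytes, and the check value is 8 bytes of SHA-256. X25519 is implemented inline from the RFC 7748 ladder so the file runs on the standard library alone. `Station`, `make_tag` and the `e2m-tag:` label are names chosen for this example.

```python
"""Telex/Cirripede-style end-to-middle tag plus the replay cache from the
active-attacks slide.  Added example; not code from Telex, Cirripede, Decoy
Routing or TapDance.  Simplifications (assumptions, not the real protocols):
the tag travels as an opaque 40-byte field, the public point is a raw
coordinate rather than an indistinguishable-from-random encoding, and the
check value is 8 bytes of SHA-256 over the shared secret.
"""
import hashlib
import hmac
import os
from typing import Dict, Optional, Set, Tuple

P = 2**255 - 19               # Curve25519 field prime (RFC 7748)
A24 = 121665                  # (A - 2) / 4 for the curve constant A = 486662
BASEPOINT = (9).to_bytes(32, "little")
CHECK_LEN = 8                 # bytes of H(shared secret) appended to the point
TAG_LEN = 32 + CHECK_LEN


def _clamp(scalar: bytes) -> int:
    k = bytearray(scalar)
    k[0] &= 248
    k[31] &= 127
    k[31] |= 64
    return int.from_bytes(k, "little")


def x25519(scalar: bytes, point: bytes) -> bytes:
    """Scalar multiplication on Curve25519: the Montgomery ladder of RFC 7748, section 5."""
    k = _clamp(scalar)
    x1 = int.from_bytes(point, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        if swap:
            x2, x3 = x3, x2
            z2, z3 = z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * ((da - cb) ** 2 % P) % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    if swap:
        x2, x3 = x3, x2
        z2, z3 = z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


def _check(shared: bytes) -> bytes:
    """Short proof that whoever built the tag knew the station's public key."""
    return hashlib.sha256(b"e2m-tag:" + shared).digest()[:CHECK_LEN]


def make_tag(station_public: bytes) -> Tuple[bytes, bytes]:
    """Client side: ephemeral ECDH against the station's long-term public key.
    Returns (tag, shared_secret); the secret later keys the covert channel."""
    eph_secret = os.urandom(32)
    eph_public = x25519(eph_secret, BASEPOINT)
    shared = x25519(eph_secret, station_public)
    return eph_public + _check(shared), shared


class Station:
    """Passive ISP-side station: recognizes fresh tags, stays silent otherwise."""

    def __init__(self, secret: Optional[bytes] = None):
        self.secret = secret or os.urandom(32)
        self.public = x25519(self.secret, BASEPOINT)
        self._seen: Set[bytes] = set()      # replay cache of tags already served

    def recognize(self, field: bytes) -> Optional[bytes]:
        """Return the shared secret if `field` carries a fresh, valid tag, else None."""
        if len(field) != TAG_LEN:
            return None
        point, check = field[:32], field[32:]
        shared = x25519(self.secret, point)
        if shared == bytes(32):
            return None                     # low-order point: reject, never key on it
        if not hmac.compare_digest(_check(shared), check):
            return None                     # ordinary client random: not for us
        if field in self._seen:
            return None                     # replayed tag: refuse to respond
        self._seen.add(field)
        return shared


def demo() -> Dict[str, bool]:
    """Three handshake fields as the station sees them: tagged, untagged, replayed."""
    station = Station()
    tag, client_shared = make_tag(station.public)
    untagged = os.urandom(TAG_LEN)          # constructed: a normal client's random bytes
    return {
        "tagged_recognized": station.recognize(tag) == client_shared,
        "untagged_ignored": station.recognize(untagged) is None,
        "replay_refused": station.recognize(tag) is None,
    }


if __name__ == "__main__":
    print(demo())
```

The station learns nothing from an untagged field: it runs the same ECDH on whatever bytes it finds, the check fails, and it stays silent, which is what keeps it passive. The all-zero shared secret is rejected because low-order Curve25519 points yield it for every station key, so a censor could otherwise forge a tag without knowing the station's public key. The replay set as written grows without bound; a deployable station would scope it to a time window, which is the effect the Decoy Routing sentinel on the protocols slide gets by folding the current hour into its HMAC.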
Conclusion
• It needs more work: still a prototype
• Fast: no inline blocking
• Vulnerable to some attacks