net4people / bbs

Forum for discussing Internet censorship circumvention

The Parrot is Dead: Observing Unobservable Network Communications (S&P 2013) #244

Open wkrp opened 1 year ago

wkrp commented 1 year ago

The third installment of our series of group discussions about significant past censorship research will be:

"The Parrot is Dead: Observing Unobservable Network Communications" PDF

Sunday, 2023-04-30 13:00–14:00

This paper is a real classic and has been highly influential. If you want to participate in the discussion, just read the paper and show up to the online meeting when it happens. I'll post a video afterward as usual.

wkrp commented 1 year ago

The Parrot is Dead: Observing Unobservable Network Communications

Amir Houmansadr, Chad Brubaker, Vitaly Shmatikov

https://censorbib.nymity.ch/#Houmansadr2013b

This paper identifies distinguishability vulnerabilities in three contemporary (proposed) circumvention systems: SkypeMorph, StegoTorus, and CensorSpoofer. These are examples of what the authors call "parrot" circumvention systems, which means that they attempt to blend in with some other application or protocol by imitating its external characteristics. SkypeMorph imitates Skype, StegoTorus imitates Skype or HTTP, and CensorSpoofer imitates standards-based VoIP. The study uncovers subtle and not-so-subtle ways in which the circumvention systems fail to be perfect imitations; for example, by omitting the ancillary connections that accompany genuine Skype calls, or not responding properly to probes that originate from outside the system. The paper's central claim is that circumvention by imitation is fundamentally flawed: there are too many details, quirks, and error conditions to address them all, and any one left unaddressed is fatal. As an alternative to imitation, the authors suggest tunneling; that is, embedding circumvention traffic into an existing third-party implementation of the cover protocol.

The paper features a fairly granular model of censorship. Attacks are categorized as passive, active, or proactive. ("Proactive" means the attack involves making new network connections, not just manipulating existing ones.) Censors are distinguished by how many devices they manage, how much state they can maintain, and how much processing they can afford to do. The local adversary (LO) manages a small number of devices and few connections; the state-level oblivious adversary (OB) manages many devices and possibly many egress points, but can only do a small amount of processing per connection and only for short times; and the state-level omniscient adversary (OM) manages a network the size of OB's and can afford as much storage and computation as needed. The authors give a list of 12 requirements that they say every parrot circumvention protocol must satisfy if it is to resist blocking. Every attack is labeled with its attack category and the class of censors it is available to, as well as what failed requirements it takes advantage of.

Thanks to Amir Houmansadr for reviewing a draft of this summary.

wkrp commented 1 year ago

The reading group for "The Parrot is Dead" will start 20 hours from now at Sunday, 2023-04-30 13:00.

https://meet.jit.si/moderated/e4ebc46881e93ce1bf50c8937c184102c8b5ac3c02c95ea68356144e748c3665

I'll try to get the meeting started about 20 minutes early, to give time to debug any connection issues. You can join with any pseudonym.

wkrp commented 1 year ago


Here is the video of the discussion.

Links to references that came up during the discussion: