Nick Feamster, Magdalena Balazinska, Winston Wang, Hari Balakrishnan, David Karger
Privacy Enhancing Technologies 2003, Dresden, Germany, March 2003
All existing anti-censorship systems for the Web rely on proxies to
grant clients access to censored information. Therefore, they face the
proxy discovery problem: how can clients discover the proxies
without having the censor discover and block these proxies? To avoid
widespread discovery and blocking, proxies must not be widely published
and should be discovered in-band. In this paper, we present a proxy
discovery mechanism called keyspace hopping that meets this
goal. Similar in spirit to frequency hopping in wireless networks,
keyspace hopping ensures that each client discovers only a small
fraction of the total number of proxies. However, requiring clients to
independently discover proxies from a large set makes it practically
impossible to verify the trustworthiness of every proxy and creates the
possibility of having untrusted proxies. To address this, we propose
separating the proxy into two distinct components---the messenger,
which the client discovers using keyspace hopping and which simply acts
as a gateway to the Internet; and the portal, whose identity is
widely-published and whose responsibility it is to interpret and serve
the client's requests for censored content. We show how this
separation, as well as in-band proxy discovery, can be applied to a
variety of anti-censorship systems.
[PDF (204KB)] [PostScript (718KB)] [Gzipped PostScript (217KB)]
Bibtex Entry:
@inproceedings{feamster2003thwarting, author = "Nick Feamster and Magdalena Balazinska and Winston Wang and Hari Balakrishnan and David Karger", title = "{Thwarting Web Censorship with Untrusted Messenger Discovery}", booktitle = {Privacy Enhancing Technologies 2003}, year = {2003}, month = {March}, address = {Dresden, Germany} }