Abstract

Refraction networking is a promising censorship circumvention technique in which a participating router along the path to an innocuous destination deflects traffic to a covert site that is otherwise blocked by the censor. However, refraction networking faces major practical challenges due to performance issues and various attacks (e.g., routing-around-the-decoy and fingerprinting). Given that many sites are now hosted in the cloud, data centers offer an advantageous setting to implement refraction networking due to the physical proximity and similarity of hosted sites. We propose REDACT, a novel class of refraction networking solutions where the decoy router is a border router of a multi-tenant data center and the decoy and covert sites are tenants within the same data center. We highlight one specific example REDACT protocol, which leverages TLS session resumption to address the performance and implementation challenges in prior refraction networking protocols. REDACT also offers scope for other designs with different realistic use cases and assumptions.

Original language: English (US)
Pages (from-to): 15-22
Number of pages: 8
Journal: Computer Communication Review
Volume: 51
Issue number: 4
State: Published - Oct 2021

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Networks and Communications

Keywords

  • censorship circumvention
  • decoy routing
  • refraction networking

Fingerprint

Dive into the research topics of 'REDACT: Refraction networking from the data center'. Together they form a unique fingerprint.
