Abstract
Refraction networking is a promising censorship circumvention technique in which a participating router along the path to an innocuous destination deflects traffic to a covert site that is otherwise blocked by the censor. However, refraction networking faces major practical challenges due to performance issues and various attacks (e.g., routing-Around-The-decoy and fingerprinting). Given that many sites are now hosted in the cloud, data centers offer an advantageous setting to implement refraction networking due to the physical proximity and similarity of hosted sites. We propose REDACT, a novel class of refraction networking solutions where the decoy router is a border router of a multi-Tenant data center and the decoy and covert sites are tenants within the same data center. We highlight one specific example REDACT protocol, which leverages TLS session resumption to address the performance and implementation challenges in prior refraction networking protocols. REDACT also offers scope for other designs with different realistic use cases and assumptions.
Original language | English (US) |
---|---|
Pages (from-to) | 15-22 |
Number of pages | 8 |
Journal | Computer Communication Review |
Volume | 51 |
Issue number | 4 |
DOIs | |
State | Published - Oct 2021 |
All Science Journal Classification (ASJC) codes
- Software
- Computer Networks and Communications
Keywords
- censorship circumvention
- decoy routing
- refraction networking