A new approach to circumventing state-level Internet censorship
A group of researchers led by J. Alex Halderman, assistant professor of electrical engineering and computer science at the University of Michigan, have been working on a new anti-censorship system.
It is called Telex and – in theory – it should allow users from countries that practice Internet censorship to not only reach their wanted Internet destination, but also hide from the censors the fact that they are trying to do so.
“Telex operates in the network infrastructure — at any ISP between the censor’s network and non-blocked portions of the Internet — rather than at network end points,” explains Halderman. “This approach, which we call ‘end-to-middle’ proxying, can make the system robust against countermeasures (such as blocking) by the censor.”
The advantage that Telex would have over other existing anti-censorship systems is the fact that the user doesn’t have to get ahold of ever changing encryption keys or IP addresses for proxy servers, but simply use the client software that would be made publicly available.
“The client secretly marks the connection as a Telex request by inserting a cryptographic tag into the headers. We construct this tag using a mechanism called public-key steganography,” explains the researcher. “This means anyone can tag a connection using only publicly available information, but only the Telex service (using a private key) can recognize that a connection has been tagged.”
The researchers believe that Telex could complement anonymizing services like Tor, but in order to work, the cooperation of ISPs outside of the censoring countries is needed.
“Telex doesn’t require active participation from the censored websites, or from the non-censored sites that serve as the apparent connection destinations. However, it does rely on ISPs to deploy Telex stations on network paths between the censor’s network and many popular Internet destinations,” says Halderman. “Widespread ISP deployment might require incentives from governments.”
He admits that that Telex is still far from ready to be used by real users, but that they have been testing it for the last couple of months using a mock ISP they have set up in the lab, and that they are satisfied with the system’s performance and stability.
Of course, there are still a lot of questions that need to be answered, and a lot of things to be worked out in order to make this solution secure enough to use, which is probably why they have released details about their ongoing work on the Internet.
Judging by the comments Halderman’s post has received, commenters are eager to point out what they consider the solution’s weak spots, and this is something that can only help the researchers in their future work.