Free access to information online is a vital component of democratic societies. However, something that is take for granted in this country is by no means possible everywhere. Given this, in a recent study, researchers at Paderborn University and the Technology Innovation Institute in Abu Dhabi have demonstrated how internet censorship can be circumvented by making targeted modifications to the encryption protocols. The aim is to facilitate access to blocked websites and provide approaches for future technologies. This is focusing in particular on well-known censorship systems such as the ‘Great Firewall’ of China or censorship in Iran. In addition, the authors advocate developing the field of ‘censorship research’. Their findings are of practical benefit, as well as providing valuable insights for science and scholarship. In mid-May, the team’s work was recognised with an award at the renowned ‘IEEE Symposium on Security and Privacy’ conference in San Francisco.
Mechanisms to ensure a freer internet
The researchers have developed an open-source tool in the form of a ‘censor scanner’ that encrypts web requests in such a way that censorship systems either cannot detect them or cannot block them. The team also tested which techniques bypass these systems, whilst also ensuring that the web requests would be understood by actual websites. This is crucial in order to be able to successfully display blocked pages.
A key example that researchers have examined carefully is a mechanism within the ‘TLS’ (Transport Layer Security) service. Under normal circumstances, this protocol ensures that internet connections are securely encrypted. Nevertheless, it can be blocked: ‘As TLS is used by millions across the world, it is a popular target for censors. They can analyse the protocol to block undesired websites. This is possible because the very first TLS message transmitted is sent unencrypted and reveals the name of the website to which the user is trying to connect. This means that censors can look at the start of TLS connections and halt them where required’, explains Professor Juraj Somorovsky, head of the System Security research group at Paderborn’s Department of Computer Science.
According to the team, one of the most successful ways of circumventing censorship is what is known as ‘TLS fragmentation’. ‘This means that the first TLS enquiry containing the name of the target website is fragmented into small parts that censorship systems struggle to analyse’, explains lead author Niklas Niere, also from Paderborn University. Other tricks involve changing or disguising details of the target website. Another method removes certain information entirely from web requests. All of the solutions identified have one thing in common: they are effective against censorship systems whilst also being accepted by internet servers. This means that requests will be successfully answered even if these tricks are used.
Important worldwide
The researchers’ results are a ray of hope for people under repressive regimes who have no free access to the internet. In the future, they may aid practical technologies that help people all over the world circumvent blocks. At the same time, the researchers emphasise that censors are also continually further developing their techniques. For example, their study demonstrates that China’s ‘Great Firewall’ is made up of three different systems that need to be outwitted in order to successfully circumvent the censorship.
Whilst encryption and security mechanisms across the world are being improved, freedom online is a race between technical progress and state control. This study serves as the basis for future academic work, as well as providing a guideline for developing tools that promote free access to the internet.
Read the study: https://ris.uni-paderborn.de/record/59824