SkypeMorph: protocol obfuscation for Tor bridges

The Tor network is designed to provide users with low-latency anonymous communications. Tor clients build circuits with publicly listed relays to anonymously reach their destinations. However, since the relays are publicly listed, they can be easily blocked by censoring adversaries. Consequently, the Tor project envisioned the possibility of unlisted entry points to the Tor network, commonly known as bridges. We address the issue of preventing censors from detecting the bridges by observing the communications between them and nodes in their network. We propose a model in which the client obfuscates its messages to the bridge in a widely used protocol over the Internet. We investigate using Skype video calls as our target protocol and our goal is to make it difficult for the censoring adversary to distinguish between the obfuscated bridge connections and actual Skype calls using statistical comparisons. We have implemented our model as a proof-of-concept pluggable transport for Tor, which is available under an open-source licence. Using this implementation we observed the obfuscated bridge communications and compared it with those of Skype calls and presented the results.

[1]  Charles V. Wright,et al.  Spot Me if You Can: Uncovering Spoken Phrases in Encrypted VoIP Conversations , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[2]  C. Leberknight A Taxonomy of Internet Censorship and Anti-Censorship Draft Version December 31 , 2010 , 2011 .

[3]  Stefan Lindskog,et al.  How China Is Blocking Tor , 2012, ArXiv.

[4]  Markus G. Kuhn,et al.  Information hiding-a survey , 1999, Proc. IEEE.

[5]  Maurizio Dusi,et al.  Tunnel Hunter: Detecting application-layer tunnels with statistical fingerprinting , 2009, Comput. Networks.

[6]  Nikita Borisov,et al.  Cirripede: circumvention infrastructure using router redirection with plausible deniability , 2011, CCS '11.

[7]  Fabian Monrose,et al.  Phonotactic Reconstruction of Encrypted VoIP Conversations: Hookt on Fon-iks , 2011, 2011 IEEE Symposium on Security and Privacy.

[8]  Sushil Jajodia,et al.  Information Hiding: Steganography and Watermarking-Attacks and Countermeasures , 2000, Advances in Information Security.

[9]  Dario Rossi,et al.  Revealing skype traffic: when randomness plays with you , 2007, SIGCOMM '07.

[10]  Nasir D. Memon,et al.  Analysis of LSB based image steganography techniques , 2001, Proceedings 2001 International Conference on Image Processing (Cat. No.01CH37205).

[11]  P. Biondi,et al.  Silver Needle in the Skype , 2006 .

[12]  David D. Jensen,et al.  Privacy Vulnerabilities in Encrypted HTTP Streams , 2005, Privacy Enhancing Technologies.

[13]  Wojciech Mazurczyk,et al.  Using transcoding for hidden communication in IP telephony , 2011, Multimedia Tools and Applications.

[14]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[15]  Tadayoshi Kohno,et al.  Devices That Tell on You: Privacy Trends in Consumer Ubiquitous Computing , 2007, USENIX Security Symposium.

[16]  Ian Goldberg,et al.  BridgeSPA: improving Tor bridges with single packet authorization , 2011, WPES.

[17]  John Langford,et al.  Provably Secure Steganography , 2002, IEEE Transactions on Computers.

[18]  Santosh S. Vempala,et al.  Chipping Away at Censorship Firewalls with User-Generated Content , 2010, USENIX Security Symposium.

[19]  Donald F. Towsley,et al.  Characterizing and Detecting Skype-Relayed Traffic , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[20]  Shwetak N. Patel,et al.  Televisions, video privacy, and powerline electromagnetic interference , 2011, CCS '11.

[21]  Dario Rossi,et al.  Tracking Down Skype Traffic , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.

[22]  Ian Goldberg,et al.  Telex: Anticensorship in the Network Infrastructure , 2011, USENIX Security Symposium.

[23]  W. Timothy Strayer,et al.  Decoy Routing: Toward Unblockable Internet Communication , 2011, FOCI.

[24]  Charles V. Wright,et al.  Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis , 2009, NDSS.

[25]  Nicholas Hopper,et al.  On the risks of serving whenever you surf: vulnerabilities in Tor's blocking resistance design , 2009, WPES '09.

[26]  Brian Neil Levine,et al.  Inferring the source of encrypted HTTP connections , 2006, CCS '06.

[27]  Gustavus J. Simmons,et al.  The Prisoners' Problem and the Subliminal Channel , 1983, CRYPTO.

[28]  Henning Schulzrinne,et al.  An Analysis of the Skype Peer-to-Peer Internet Telephony Protocol , 2004, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[29]  Charles V. Wright,et al.  Language Identification of Encrypted VoIP Traffic: Alejandra y Roberto or Alice and Bob? , 2007, USENIX Security Symposium.