Fingerprintability of WebRTC

We examine WebRTC's suitability as a means of Internet censorship circumvention. WebRTC is a framework and suite of protocols for peer-to-peer communication between web browsers. We analyze the implementation differences in instantiations of WebRTC that make it possible to "fingerprint" implementations--potentially distinguishing circumvention-related uses from ordinary ones. This question is relevant to Snowflake, an upcoming circumvention system that uses WebRTC to turn web browsers into temporary peer-to-peer proxies. We conduct a manual analysis of WebRTC-using applications in order to map the space of distinguishing implementation features. We run a fingerprinting script on a day's worth of network traffic in order to quantify WebRTC's prevalence and diversity. Throughout, we find pitfalls that indicate that resisting fingerprinting in WebRTC is likely to be non-trivial.
