Tithonus: A Bitcoin Based Censorship Resilient System

Open access

Abstract

Providing reliable and surreptitious communications is difficult in the presence of adaptive and resourceful state level censors. In this paper we introduce Tithonus, a framework that builds on the Bitcoin blockchain and network to provide censorship-resistant communication mechanisms. In contrast to previous approaches, we do not rely solely on the slow and expensive blockchain consensus mechanism but instead fully exploit Bitcoin’s peer-to-peer gossip protocol. We develop adaptive, fast and cost effective data communication solutions that camouflage client requests into inconspicuous Bitcoin transactions. We propose solutions to securely request and transfer content, with unobservability and censorship resistance, and free, pay-per-access and subscription based payment options. When compared to state-of-the-art Bitcoin writing solutions, Tithonus reduces the cost of transferring data to censored clients by 2 orders of magnitude and increases the goodput by 3 to 5 orders of magnitude. We show that Tithonus client initiated transactions are hard to detect, while server initiated transactions cannot be censored without creating split world problems to the Bit-coin blockchain.

[1] William R Marczak, John Scott-Railton, Morgan Marquis-Boire, and Vern Paxson. When Governments Hack Opponents: A Look at Actors and Technology. In USENIX Security Symposium, pages 511–525, 2014.

[2] Robert Lemos. Blue Coat Appliances Used by Governments to Monitor, Censor Web Traffic. https://tinyurl.com/ycjmy63o, 2013.

[3] Somini Sengupta. Group Says It Has New Evidence of Cisco’s Misdeeds in China. New York Times, https://tinyurl.com/3qgd73f, September 2011.

[4] FinFisher. Wikipedia, https://en.wikipedia.org/wiki/FinFisher.

[5] HackingTeam. Wikipedia, https://en.wikipedia.org/wiki/Hacking_Team.

[6] Doug Madory. Iran Leaks Censorship via BGP Hijacks. https://dyn.com/blog/iran-leaks-censorship-via-bgphijacks/, 2017.

[7] Paul Pearce, Ben Jones, Frank Li, Roya Ensafi, Nick Feamster, Nick Weaver, and Vern Paxson. Global measurement of dns manipulation. In Proceedings of the 26th USENIX Security Symposium, 2017.

[8] John Holowczak and Amir Houmansadr. CacheBrowser: Bypassing Chinese Censorship Without Proxies Using Cached Content. In Proceedings of the ACM Conference on Computer and Communications Security, pages 70–83, 2015.

[9] Hadi Zolfaghari and Amir Houmansadr. Practical censorship evasion leveraging content delivery networks. In Proceedings of the ACM Conference on Computer and Communications Security, pages 1715–1726, 2016.

[10] David Fifield, Chang Lan, Rod Hynes, Percy Wegmann, and Vern Paxson. Blocking-resistant communication through domain fronting. Proceedings on Privacy Enhancing Technologies, 2015(2):46–64, 2015.

[11] Alin Tomescu and Srinivas Devadas. Catena: Efficient Nonequivocation via Bitcoin. In Proceedings of IEEE Symposium on Security and Privacy, pages 393–409, 2017.

[12] Muneeb Ali, Jude Nelson, Ryan Shea, and Michael J. Freedman. Blockstack: A Global Naming and Storage System Secured by Blockchains. In Proceedings of the Usenix Annual Technical Conference, pages 181–194, 2016.

[14] Apertus 0.3.17-beta. Archive data on your favorite blockchains. http://apertus.io/.

[16] Andrew Sward, Ivy Vecna, and Forrest Stonedahl. Data insertion in bitcoin’s blockchain. Ledger, 3, 2018.

[17] Amir Houmansadr, Chad Brubaker, and Vitaly Shmatikov. The parrot is dead: Observing unobservable network communications. In 2013 IEEE Symposium on Security and Privacy, pages 65–79. IEEE, 2013.

[18] Ethan Heilman, Alison Kendler, Aviv Zohar, and Sharon Goldberg. Eclipse attacks on bitcoin’s peer-to-peer network. In USENIX Security Symposium, pages 129–144, 2015.

[19] Alex Biryukov and Ivan Pustogarov. Bitcoin over tor isn’t a good idea. In Security and Privacy (SP), 2015 IEEE Symposium on, pages 122–134. IEEE, 2015.

[20] D. D. Clark and D. L. Tennenhouse. Architectural considerations for a new generation of protocols. In Proceedings of the ACM Symposium on Communications Architectures &Amp; Protocols, SIGCOMM ‘90, pages 200–208, New York, NY, USA, 1990. ACM.

[22] A Survey of Bitcoin Transaction Types. http://www.quantabytes.com/articles/tx_survey.html.

[23] Daniel J Bernstein, Mike Hamburg, Anna Krasnova, and Tanja Lange. Elligator: Elliptic-curve points indistinguishable from uniform random strings. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pages 967–980. ACM, 2013.

[24] ANSI X9.63. Public Key Cryptography for the Financial Services Industry: Key Agreement and Key Transport Using Elliptic Curve Cryptography. American National Standards Institute, 2001.

[25] Victor Shoup. A proposal for an ISO standard for public key encryption (version 2.1). IACR E-Print Archive, 2001.

[26] Jianjun Duan, Joe Hurd, Guodong Li, Scott Owens, Konrad Slind, and Junxing Zhang. Functional correctness proofs of encryption algorithms. In International Conference on Logic for Programming Artificial Intelligence and Reasoning, pages 519–533. Springer, 2005.

[28] Christian Decker and Roger Wattenhofer. Information propagation in the bitcoin network. In Peer-to-Peer Computing (P2P), 2013 IEEE Thirteenth International Conference on, pages 1–10. IEEE, 2013.

[29] NY Times Newspaper Article (average word count). http://answers.google.com/answers/threadview/id/709596.html.

[30] English Letter Frequency Counts. http://norvig.com/mayzner.html.

[31] Bitcoin fee from earn.com. https://bitcoinfees.earn.com/.

[32] Choose your HMA! price plan. https://www.hidemyass.com/en-us/pricing.

[33] PureVPN pricing. https://www.purevpn.com/order.

[36] Sam Burnett, Nick Feamster, and Santosh Vempala. Chipping away at censorship firewalls with user-generated content. In USENIX Security Symposium, pages 463–468. Washington, DC, 2010.

[37] Charlie Osborne. China cracks down on ‘unauthorized’ VPNs. https://www.zdnet.com/article/china-cracks-down-on-unauthorized-vpns/, 2017.

[38] Jake Smith. Apple removes VPN apps from China App Store to comply with government. https://www.zdnet.com/article/apple-pulls-vpns-from-china-app-store/, 2017.

[39] Andy. Russia Blocks 50 VPNs & Anonymizers in Telegram Crackdown, Viber Next. https://torrentfreak.com/russia-blocks-50-vpns-anonymizers-in-telegram-crackdown-viber-next-180504/, May 2018.

[42] Matthias Wachs, Martin Schanzenbach, and Christian Grothoff. A censorship-resistant, privacy-enhancing and fully decentralized name system. In International Conference on Cryptology and Network Security, pages 127–142. Springer, 2014.

[43] Cecylia Bocovich and Ian Goldberg. Slitheen: Perfectly imitated decoy routing through traffic replacement. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pages 1702–1714, 2016.

[44] Hooman Mohajeri Moghaddam, Baiyu Li, Mohammad Derakhshani, and Ian Goldberg. Skypemorph: Protocol obfuscation for tor bridges. In Proceedings of the ACM Conference on Computer and Communications Security, pages 97–108, 2012.

[45] Amir Houmansadr, Thomas J Riedl, Nikita Borisov, and Andrew C Singer. I want my voice to be heard: Ip over voice-over-ip for unobservable censorship circumvention. In Proceedings of NDSS, 2013.

[46] Joan Daemen and Vincent Rijmen. Aes proposal: Rijndael. 1999.

Journal Information

Metrics

All Time Past Year Past 30 Days
Abstract Views 0 0 0
Full Text Views 2447 2447 42
PDF Downloads 89 89 20