Mailet: Instant Social Networking under Censorship

Open access

Abstract

Social media websites are blocked in many regimes where Internet censorship is applied. In this paper, we introduce Mailet, an unobservable transport proxy which enables the users to access social websites by email applications. Without assuming the Mailet servers are trustworthy, Mailet can support the services requiring privileges without having the complete credential. Particularly, the credential is split and distributed in two Mailet servers, and neither of them can recover the credential alone. To recover the credential in a TLS record message, we propose a highly efficient Galois/ Counter Mode(GCM) based secure computation, which can enable the two servers to conceal their separate credential copies in the computation. We implemented a prototype for Twitter.com to demonstrate the usability and security of Mailet.

If the inline PDF is not rendering correctly, you can download the PDF file here.

  • [1] Collateral freedom: A snapshot of chinese internet users circumventing censorship https://openitp.org/newsevents/collateral-freedom-a-snapshot-of-chinese-userscircumventing-censorship.html.

  • [2] Email statistics report 2014-2018 http://www.radicati.com/wp/wp-content/uploads/2014/01/email-statisticsreport-2014-2018-executive-summary.pdf.

  • [3] Enron dataset https://www.cs.cmu.edu/./enron/.

  • [4] Google approves an app that steals all your data http://www.technologyreview.com/.

  • [5] Openssl https://www.openssl.org/.

  • [6] L. V. Ahn M. Blum N. J. Hopper and J. Langford. Captcha: Using hard ai problems for security. In Proceedings of the 22Nd International Conference on Theory and Applications of Cryptographic Techniques 2003.

  • [7] Y. Aumann and Y. Lindell. Security against covert adversaries: Efficient protocols for realistic adversaries. In Theory of Cryptography pages 137-156. Springer 2007.

  • [8] C. Brubaker A. Houmansadr and V. Shmatikov. Cloudtransport: Using cloud storage for censorship-resistant networking. In Proceedings of PETS’14 2014.

  • [9] J. Callas L. Donnerhacke H. Finney D. Shaw and R. Thayer. Openpgp message format. RFC 4880 2007.

  • [10] T. Dierks. The transport layer security (tls) protocol version 1.2. 2008.

  • [11] R. Dingledine N. Mathewson and P. Syverson. Tor: The second-generation onion router. In Proceedings of USENIX Security’04 2004.

  • [12] Z. Durumeric D. Adrian A. Mirian J. Kasten E. Bursztein N. Lidzborski K. Thomas V. Eranti M. Bailey and J. A. Halderman. Neither snow nor rain nor mitm...: An empirical analysis of email delivery security. In Proceedings of IMC’15 2015.

  • [13] C. Evans C. Palmer and R. Sleevi. Public key pinning extension for http. RFC 7469 2015.

  • [14] J. Geddes M. Schuchard and N. Hopper. Cover your acks: Pitfalls of covert channel censorship circumvention. In Proceedings of CCS’13 2013.

  • [15] A. Houmansadr C. Brubaker and V. Shmatikov. The parrot is dead: Observing unobservable network communications. In Proceedings of IEEE Symposium on Security and Privacy’13 2013.

  • [16] A. Houmansadr G. T. Nguyen M. Caesar and N. Borisov. Cirripede: Circumvention infrastructure using router redirection with plausible deniability. In Proceedings of CCS’11 2011.

  • [17] A. Houmansadr T. Riedl N. Borisov and A. Singer. I Want my Voice to be Heard: IP over Voice-over-IP for Unobservable Censorship Circumvention. In Proceedings of NDSS’13 2013.

  • [18] A. Houmansadr E. L. Wong and V. Shmatikov. No direction home: The true cost of routing around decoys. In Proceedings of NDSS’14 2014.

  • [19] Y. Huang D. Evans J. Katz and L. Malka. Faster secure two-party computation using garbled circuits. In Proceedings of USENIX Security’11 2011.

  • [20] J. Karlin D. Ellard A. W. Jackson C. E. Jones G. Lauer D. P. Mankins and W. T. Strayer. Decoy routing: Toward unblockable internet communication. In Proceedings of FOCI’11 2011.

  • [21] H. Kwak C. Lee H. Park and S. Moon. What is twitter a social network or a news media? In Proceedings of WWW’10 2010.

  • [22] S. Li M. Schliep and N. Hopper. Facet: Streaming over videoconferencing for censorship circumvention. In Proceedings of WPES’14 2014.

  • [23] D. Malkhi N. Nisan B. Pinkas Y. Sella et al. Fairplaysecure two-party computation system. In Proceedings of USENIX Security’04 2004.

  • [24] H. M. Moghaddam B. Li M. Derakhshani and I. Goldberg. Skypemorph: Protocol obfuscation for Tor bridges. In Proceedings of CCS’12 2012.

  • [25] M. Schuchard J. Geddes C. Thompson and N. Hopper. Routing around decoys. In Proceedings of CCS’12 2012.

  • [26] Z. Tufekci. Networked politics from tahrir to taksim: Is there a social media-fueled protest style? In Digital Media and Learning Central. http://dmlcentral.net/blog/zeyneptufekci/networked-politics-tahrir-taksim-there-social-media-fueled-protest-style June 2013.

  • [27] S. Vieweg A. L. Hughes K. Starbird and L. Palen. Microblogging during two natural hazards events: What twitter may contribute to situational awareness. In Proceedings of CHI’10 2010.

  • [28] Q. Wang X. Gong G. T. K. Nguyen A. Houmansadr and N. Borisov. Censorspoofer: Asymmetric communication using IP spoofing for censorship-resistant web browsing. In Proceedings of CCS’12 2012.

  • [29] B. Warf. Global geographies of the Internet volume 1. Springer Science & Business Media 2012.

  • [30] Z. Weinberg J. Wang V. Yegneswaran L. Briesemeister S. Cheung F. Wang and D. Boneh. StegoTorus: A camouflage proxy for the Tor anonymity system. In Proceedings of CCS’12 2012.

  • [31] E. Wustrow C. M. Swanson and J. A. Halderman. Tapdance: End-to-middle anticensorship without flow blocking. In Proceedings of USENIX Security’14) 2014.

  • [32] E. Wustrow S. Wolchok I. Goldberg and J. A. Halderman. Telex: Anticensorship in the network infrastructure. In Proceedings of USENIX Security’11 2011.

  • [33] A. C. Yao. Protocols for secure computations. In 2013 IEEE 54th Annual Symposium on Foundations of Computer Science pages 160-164. IEEE 1982.

  • [34] W. Zhou A. Houmansadr M. Caesar and N. Borisov. Sweet: Serving the web by exploiting email tunnels. In Proceedings of HotPETs’13 2013.

Search
Journal information
Metrics
All Time Past Year Past 30 Days
Abstract Views 0 0 0
Full Text Views 292 138 6
PDF Downloads 116 71 1