Bootstrapping Communications into an Anti-Censorship System


Patrick Lincoln, Ian Mason, Phillip Porras, and Vinod Yegneswaran, SRI International; Zachary Weinberg, CMU/SRI International; Jeroen Massar, William Allen Simpson, and Paul Vixie, ISC; Dan Boneh, Stanford University


Adversary-resistant communication bootstrapping is a fundamental problem faced by many circumvention (anti-censorship) systems such as Tor. Censoring regimes actively harvest and block published Tor entry points and bridge nodes. More recently, some countries have resorted to reactive (follow-up) probing of the destination hosts of outbound encrypted traffic to identify unpublished Tor nodes. We present the design of a new architecture for bypassing censorship, called DEFIANCE, that extends Tor with resilience to both active harvesting and network scanning attacks. The first goal is accomplished using the DEFIANCE Rendezvous Protocol (RP), and the second is achieved using a novel handshake that we call Address-Change Signaling (ACS). We describe prototype implementations of both components, discuss the limits of our architecture, and evaluate what it would take for a determined adversary to defeat our system. While we develop our prototype components over Tor, their design can be easily extended to other circumvention systems.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

@inproceedings {179496,
title = {Bootstrapping Communications into an {Anti-Censorship} System},
booktitle = {2nd USENIX Workshop on Free and Open Communications on the Internet (FOCI 12)},
year = {2012},
address = {Bellevue, WA},
url = {},
publisher = {USENIX Association},
month = aug