Cirripede: Circumvention infrastructure using router redirection with plausible deniability

Amir Houmansadr, Giang T.K. Nguyen, Matthew Caesar, Nikita Borisov

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Many users face surveillance of their Internet communications and a significant fraction suffer from outright blocking of certain destinations. Anonymous communication systems allow users to conceal the destinations they communicate with, but do not hide the fact that the users are using them. The mere use of such systems may invite suspicion, or access to them may be blocked. We therefore propose Cirripede, a system that can be used for unobservable communication with Internet destinations. Cirripede is designed to be deployed by ISPs; it intercepts connections from clients to innocent-looking destinations and redirects them to the true destination requested by the client. The communication is encoded in a way that is indistinguishable from normal communications to anyone without the master secret key, while public-key cryptography is used to eliminate the need for any secret information that must be shared with Cirripede users. Cirripede is designed to work scalably with routers that handle large volumes of traffic while imposing minimal overhead on ISPs and not disrupting existing traffic. This allows Cirripede proxies to be strategically deployed at central locations, making access to Cirripede very difficult to block. We built a proof-of-concept implementation of Cirripede and performed a testbed evaluation of its performance properties.

Original languageEnglish (US)
Title of host publicationCCS'11 - Proceedings of the 18th ACM Conference on Computer and Communications Security
Pages187-199
Number of pages13
DOIs
StatePublished - Nov 14 2011
Event18th ACM Conference on Computer and Communications Security, CCS'11 - Chicago, IL, United States
Duration: Oct 17 2011Oct 21 2011

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)1543-7221

Other

Other18th ACM Conference on Computer and Communications Security, CCS'11
CountryUnited States
CityChicago, IL
Period10/17/1110/21/11

Keywords

  • Censorship-resistance
  • Unobservability

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Cirripede: Circumvention infrastructure using router redirection with plausible deniability'. Together they form a unique fingerprint.

Cite this