Liang, Yixuan (2024) SNIT: a modified TLS handshake protocol for censorship circumvention. Masters thesis, Memorial University of Newfoundland.
PDF - Accepted Version
Available under License - The author retains copyright ownership and moral rights in this thesis. Neither the thesis nor substantial extracts from it may be printed or otherwise reproduced without the author's permission.
Abstract
Internet censorship is a global problem. Many countries censor the internet for different reasons. This threatens internet freedom and access to information. 82.8% of websites use the Transport Layer Security (TLS) protocol, which significantly enhances security. However, weaknesses exposed by TLS can still be exploited for internet censorship. For example, the unencrypted Server Name Indication (SNI) directly reveals the website’s identity. We propose a modified handshake protocol, SNIT, for both TLS 1.2 and TLS 1.3, making it difficult to conduct SNI-based censorship. SNIT has high resistance to active probing. On average, the performance loss is 31.69 ms per TLS connection, and there is no effect on subsequent traffic. Compared to competitive approaches, SNIT has decent overall security and performance.
Item Type: | Thesis (Masters) |
---|---|
URI: | http://research.library.mun.ca/id/eprint/16711 |
Item ID: | 16711 |
Additional Information: | Includes bibliographical references (pages 74-85) |
Keywords: | censorship circumvention, TLS, network security, SNI |
Department(s): | Engineering and Applied Science, Faculty of |
Date: | October 2024 |
Date Type: | Submission |
Digital Object Identifier (DOI): | https://doi.org/10.48336/0f8z-5384 |
Library of Congress Subject Heading: | Internet--Censorship; Computer network protocols; Computer networks--Security measures; Freedom of information |