Abstract
The Great Firewall of China (GFW) has long censored HTTPS (via the Server Name Indication field, or SNI). Its mechanism for doing so has been studied, with various evasion strategies discovered in recent years. In this paper, we have evidence that suggests the GFW has deployed a second HTTPS censorship middlebox that runs in parallel to the first. We present a detailed analysis of this secondary censorship middlebox -how it operates, the content it blocks, and how it interacts with the primary middlebox -and present evidence that this has been in operation since at least September 2019. We also present several packet-based evasion strategies for the secondary middlebox and demonstrate that the primary censorship middlebox can be defeated independently from the secondary. Our code is publicly available.
Author supplied keywords
Cite
CITATION STYLE
Bock, K., Naval, G., Reese, K., & Levin, D. (2021). Even Censors Have a Backup: Examining China’s Double HTTPS Censorship Middleboxes. In FOCI 2021 - Proceedings of the 2021 Workshop on Free and Open Communications on the Internet (pp. 1–7). Association for Computing Machinery, Inc. https://doi.org/10.1145/3473604.3474559
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
