Cryptology ePrint Archive: Report 2012/494
Protocol Misidentification Made Easy with Format-Transforming Encryption
Kevin P. Dyer and Scott E. Coull and Thomas Ristenpart and Thomas Shrimpton
Abstract: Deep packet inspection (DPI) technologies provide much-needed visibility and control of network traffic using port-independent protocol identification, where a network flow is labeled with its application-layer protocol based on packet contents. In this paper, we provide the first comprehensive evaluation of a large set of DPI systems from the point of view of protocol misidentification attacks, in which adversaries on the network attempt to force the DPI to mislabel connections. Our approach uses a new cryptographic primitive called format-transforming encryption (FTE), which, intuitively, extends conventional symmetric encryption with the ability to transform the ciphertext into a format of our choosing. We design an FTE-based record layer that can encrypt arbitrary application-layer traffic, and we experimentally show that this forces misidentification for all of the evaluated DPI systems. This set includes a proprietary, enterprise-class DPI system used by large corporations and nation-states. We also show that using FTE as a proxy system incurs no latency overhead and only 16% more bandwidth than standard SSH tunnels. Finally, we integrate our FTE proxy into Tor and demonstrate that it evades real-world censorship by the Great Firewall of China.
Category / Keywords: applications / applications, censorship, censorship circumvention, deep-packet inspection, implementation, information hiding, regular expressions, secret-key cryptography, steganography
Date: received 28 Aug 2012, last revised 7 Jun 2013
Contact author: kdyer at cs pdx edu
Available format(s): PDF | BibTeX Citation
Version: 20130607:140214
Short URL: ia.cr/2012/494