|
Many nation states restrict citizen access to information over the Internet by analyzing Internet users' traffic and then blocking traffic deemed controversial or antithetical to the views of the nation state. This project explores an alternative end-to-end network architecture that removes the vulnerability of citizens to traffic analysis. The researchers propose alternative Internet architecture and protocol designs, assesses the impact of such designs on Internet stakeholders, and provide assessment methods for correctness, performance, and scalability of the alternative design. The project broadly impacts multiple domains and research communities, from the network security and anti-censorship communities to those who design and run the Internet. Assuring that individuals around the world can easily access information over the Internet is one of the core, driving principles behind this project.
Traffic analysis uses packet meta-data and side-channels to infer information about communication sessions, encrypted or not, running over a network. Proxy services make traffic analysis difficult by inserting intermediate nodes between packet source and destination, but their success is limited. They can be detected and blocked. The core concept binds communications sessions to dynamic, short-lived, and seemingly random Internet Protocol (IP) addresses. This fundamentally impacts multiple aspects of the Internet: the domain name system (DNS), IP addressing/routing, and packet forwarding. This EAGER project will explore the solution space (scope, capabilities, impact), identify strategies for realization, and develop a prototype to assess key properties of the approach. The project's intellectual merit includes host and network methods based on ephemeral, pseudo-random IP addresses, IPv6 addressing and inter-domain routing, and SDX architecture/functions.
|
EAGER: Towards a Traffic Analysis Resistant Internet Architecture