TapDance circumvents censorship via ISP, not proxy servers

9/6/2017 Christina Como, ECE ILLINOIS

Borisov is part of the team reporting initial results from the world's first ISP-scale field trial of a refraction networking system.

Written by Christina Como, ECE ILLINOIS

Nikita Borisov
Nikita Borisov
For the past two years, Associate Professor Nikita Borisov has been stealthily fighting for internet freedom as part of a team of engineers and researchers from the University of Illinois, Michigan, and Raytheon BBN Technologies. This August at the 2017 USENIX Security conference, the team announced the successful implementation of TapDance, a next-generation experimental technique called refraction networking, or decoy routing.

After even Tor, proxies, and VPNs failed to escape China’s iron fist of censorship, researchers started to look beyond third-party apps and service-providers to the core of the internet itself to circumvent web restrictions. The fundamental idea of refraction networking is to move away from individual proxies, which can be blocked, and instead secretly tag and extract traffic from a router.

This past spring, the team partnered with Psiphon, an anti-censorship tool, to deploy TapDance, the first large-scale field trial of the refraction networking scheme since the concept’s origin in 2011. Funded by the U.S. State Department, the trial lasted over one week and provided more than 50,000 users worldwide unrestricted access to the web.

TapDance was successfully demonstrated to be effective and affordable at ISP scale. The researchers are hopeful to see deployment of TapDance or other refraction networking schemes in the future.

Due to the limited time frame of the test run, a major concern remains whether TapDance is detectable and amenable by more powerful censors. However, the quantity of TapDance servers is key.

“If we have enough of [the sensors] out there, the odds of going past a TapDance site increases,” said David Robinson, one of the paper's co-authors and co-founder of the Washington-based tech policy consulting firm Upturn.

Furthermore, if enough of those sites are contained within the major infrastructure of the internet, then the cost of blocking them all will become impractical.

This research has been highlighted by CBC News and Medium. Read the original paper on the USENIX website.


Share this story

This story was published September 6, 2017.