Systemization of Pluggable Transports for Censorship Resistance

An increasing number of countries implement In- ternet censorship at different levels and for a variety of reasons. The link between the censored client and entry point to the uncensored communication system is a frequent target of cen- sorship due to the ease with which a nation-state censor can control this. The diversity of a censor's attack landscape has led to an arms race, leading to a dramatic speed of evolution of censorship resistance schemes (CRSs) (we note that at least six CRSs have been written in 2014 so far). Despite the inherent complexity of CRSs and the breadth of work in this area, there is no principled way to evaluate individual systems and compare them against each other. In this paper, we (i) sketch an attack model to comprehensively explore a censor's capabilities, (ii) present an abstract model of a Pluggable Transport (PT)-a system that helps a censored client communicate with a server over the Internet while resisting censorship, (iii) describe an evaluation stack that presents a layered approach to evaluate PT, and (iv) survey 34 existing PTs and present a detailed evaluation of 6 of these corresponding to our attack model and evaluation framework. We highlight the inflexibility of current PTs to lend themselves to feature sharability for broader defense coverage. To address this, we present Tweakable Transports-PTs built out of re-usable compo- nents following the evaluation stack architecture with a view to flexibly combine complementary PT features. We also list a set of challenges to guide future work on Tweakable Transports.