Stanford Security Lunch
Spring 2015

Get announcements:


April 1, 2015 Blocking-Resistant Communication through Domain Fronting

Speaker:  David Fifield (UC Berkeley)

Abstract:  "Domain fronting" is a versatile and practical censorship circumvention technique based on HTTPS. It uses different names at different network layers to fool a censor as to the true destination of a message. Fronting addresses one of the trickiest aspects of circumvention--that proxies are typically trivial to block once found--by colocating proxies with important web services that cannot be blocked without causing great disruption. Among such fronting-capable services are Google and most large CDNs.

I'll describe the basic idea behind domain fronting (it's very easy) and the outcome of six months and counting of deployment. Fronting powers one of Tor's most-used "pluggable transports," which now serves over a thousand users at any time, and grants access even to users in highly censored places like China. Other circumvention systems have even larger deployments. For many colorful details, see the summary page

April 29, 2015 TBA

Speaker:  Stanislav Shalunov (Open Garden)