Reliable Obfuscated Communications Kit for everYone
This project, part of DARPA’s RACE program, seeks to hide critical data within network traffic through sophisticated cryptographic methods and advanced machine learning techniques - delivering a knock-out for privacy protection.
Freedom of expression is a human right. In our global and interconnected world, people should be able to send messages to each other without fear of censorship or worse. Unfortunately, many government authorities can discover, read, and block communications within a network with relative ease. Keeping such communications private and free of censorship is one of our most crucial challenges.
The Defense Advanced Research Projects Agency’s (DARPA) Resilient Anonymous Communication for Everyone (RACE) program launched with the objective to build an anonymous, observation-resilient communication system within a network environment. Galois’s part in this program is to prevent identification of these communications with our Reliable Obfuscated Communications Kit for everYone (ROCKY). ROCKY seeks to embed cryptographically protected data into network traffic using a flexible framework that emulates diverse communication protocols. Our team is joined in this effort by colleagues at the University of Florida and the University of California at San Diego.
Galois is planning three phases for this project, each of which takes on increasingly more challenging goals for achievable bandwidth, latency, and security. We plan an open-source release of our resulting platform at the end of the third and final phase.
Principal Investigators Alex Malozemoff and David Archer note that ROCKY has already achieved two significant field tests. These initial tests “hide in plain sight,” tunneling through everyday communications in the same network area. “In both exercises, we exceeded expectations for reliability and delivered bandwidth,” Archer said.
Going to Fly Past Censors Now
ROCKY is meant to be used in network environments where some authority or entity can monitor and suppress communications more or less at will, but takes advantage of the fact that the authority may not have the computation power to look deeply at every conversation in the whole network,or may not control all of the computers that interface with the network. ROCKY aims to provide a way to communicate among such independently-operated computers, hiding in ways that make it impractical for the authority or entity to detect and deny the communication.
In contrast, prior censorship circumvention systems don’t accurately mimic normal communications, allowing censors to easily determine that the communication was different from the usual traffic.
Galois seeks to solve these challenges within ROCKY with a framework named Balboa. Balboa provides channel-based censorship circumvention by minimizing detectability of private communications on public networks. For now, we minimize detection based on message content by relying on the commonly used Transport Layer Security (TLS) mechanism. More importantly, we minimize detection based on traffic pattern analysis, by piggybacking on regular traffic between commonplace client and server applications.
Making Sure: Security Definitions and Proofs for ROCKY
It can be difficult to determine if a circumvention approach is secure because there are few insights into existing censorship apparatus “in the wild.” One of ROCKY’s key innovative goals is to provide formal security guarantees, with rigorous built-in security definitions. These definitions aim to accurately model real-world adversaries.
ROCKY’s security definitions intend to take advantage of a theoretical censor’s limitations in the real world. For example, many censors may have limited time windows in which they can retain and analyze data. Many censors may also be averse to false positive alerts, because of the extra effort required to investigate those alerts. In addition, the deep packet inspections (DPIs) used by censors have practical limits: DPI takes time and effort, and may not scale well to handle all traffic on a network. As new information on how real-world censors work becomes available during the project, Galois will continue to iterate security notions.
Winning the Fight
If ROCKY succeeds as we aspire, we aim to open-source our platform at the conclusion of RACE. We hope that this release will set the stage for broader assurance of free and uncensored communications. Why? Because words are important, and as the eponymous inspiration for ROCKY once said, “big arms can move rocks, but big words can move mountains.”
Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the United States Air Force and DARPA. This project or effort depicted was or is sponsored by the Air Force Research Laboratory (AFRL) and DARPA under contract number FA8750-19-C-0085.
Distribution Statement “A” (Approved for Public Release, Distribution Unlimited). If you have any questions, please contact the Public Release Center.