Recipes for Resistance: A Censorship Circumvention Cookbook

The increasing centralization of Internet infrastructure and web services, along with advancements in the application of machine learning techniques to analyze and classify network traffic, have enabled the growth and proliferation of Internet censorship. While the Internet filtering infrastructure of censoring authorities improves, cracks and weaknesses in the censorship systems deployed by the state allow Internet users to appropriate existing network protocols in order to circumvent censorship attempts. The relationship between censors and censorship resistors is often likened to a cat-and-mouse game in which resistors struggle to find new gaps in nation-state firewalls through which they can access content freely, while censors are devoted to discovering and closing these gaps as quickly as possible. The life cycle of censorship resistance tools typically begins with their creation, but often ends very quickly as the tools are discovered and blocked by censors whose ability to identify anomalous network traffic continues to grow. In this thesis, we provide several recipes to create censorship resistance systems that disguise user traffic, despite a censor’s complete knowledge of how the system works. We describe how to properly appropriate protocols, maximize censorship-resistant bandwidth, and deploy censorship resistance systems that can stand the test of time

A Feature Interaction Resolution Scheme Based on Controlled Phenomena

Systems that are assembled from independently developed features suffer from feature interactions, in which features affect one another's behaviour in surprising ways. To ensure that a system behaves as intended, developers need to analyze all potential interactions -- and many of the identified interactions need to be fixed and their fixes verified. The feature-interaction problem states that the number of potential interactions to be considered is exponential in the number of features in a system. Resolution strategies combat the feature-interaction problem by offering general strategies that resolve entire classes of interactions, thereby reducing the work of the developer who is charged with the task of resolving interactions. In this thesis, we focus on resolving interactions due to conflict. We present an approach, language, and implementation based on resolver modules modelled in the situation calculus in which the developer can specify an appropriate resolution for each variable under conflict. We performed a case study involving 24 automotive features, and found that the number of resolutions to be specified was much smaller than the number of possible feature interactions (6 resolutions for 24 features), that what constitutes an appropriate resolution strategy is different for different variables, and that the subset of situation calculus we used was sufficient to construct nontrivial resolution strategies for six distinct output variables

Elliptic Curves of High Rank

The study of elliptic curves grows out of the study of elliptic functions which dates back to work done by mathematicians such as Weierstrass, Abel, and Jacobi. Elliptic curves continue to play a prominent role in mathematics today. An elliptic curve E is defined by the equation, y2 = x3 + ax + b, where a and b are coefficients that satisfy the property 4a3 + 27b2 = 0. The rational solutions of this curve form a group. This group, denoted E(Q), is known as the Mordell-Weil group and was proved by Mordell to be isomorphic to Zr ⊕ E(Q)tors where the group of rational torsion points consists of all points of finite order. The rank r is difficult to compute and the main goal of this research is to explore the relationship between ranks of elliptic curves and values of a and b. Specifically, we have put a lower bound on the ranks of equations of the form Cm : y2 = x3 − m2 x + 1 and Km : y2 = x3 + m3 x − m3

Leading Johnny to Water: Designing for Usability and Trust

ABSTRACT Although the means and the motivation for securing private messages and emails with strong end-to-end encryption exist, we have yet to see the widespread adoption of existing implementations. Previous studies have suggested that this is due to the lack of usability and understanding of existing systems such as PGP. A recent study by Ruoti et al. suggested that transparent, standalone encryption software that shows ciphertext and allows users to manually participate in the encryption process is more trustworthy than integrated, opaque software and just as usable. In this work, we critically examine this suggestion by revisiting their study, deliberately investigating the effect of integration and transparency on users' trust. We also implement systems that adhere to the OpenPGP standard and use end-to-end encryption without reliance on third-party key escrow servers. We find that while approximately a third of users do in fact trust standalone encryption applications more than browser extensions that integrate into their webmail client, it is not due to being able to see and interact with ciphertext. Rather, we find that users hold a belief that desktop applications are less likely to transmit their personal messages back to the developer of the software. We also find that despite this trust difference, users still overwhelmingly prefer integrated encryption software, due to the enhanced user experience it provides. Finally, we provide a set of design principles to guide the development of future consumerfriendly end-to-end encryption tools