Ethix : Hybrid VPN
A. von Hünerbein (TU Delft - Electrical Engineering, Mathematics and Computer Science)
M. Conti – Mentor (TU Delft - Cyber Security)
Alberto Giaretta – Graduation committee member
More Info
expand_more
Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.
Abstract
The world is getting more and more censored, and the currently available solutions work but with high latency costs. We proposed Ethix, a low latency general-purpose architecture with differential privacy, low network overhead and high theoretical censorship evasion. The Ethix system is a hybrid VPN architecture that uses both centrally controlled components as well as an organized peer-to-peer network. This paper lays out the design introducing a session mixing framework which allows for differential privacy from the proxying server. This differential privacy results in low-quality logs as the data to identity and link cannot be established. Evaluating the Ethix system is done by implementing it using python and amazon ec2 instances and evaluating Ethix against various Adversarial models. The key results indicate that the system in a non-optimized non-deployed setting can reach speeds up to 16 Mpbs, with a minor increase in latency at 5ms for all packet processing. Lastly, this paper argues that the system proposed provides higher privacy than traditional VPNs and is resistant against malicious clients, honest but curious proxy servers, censoring servers and global passive adversaries.