The Lox check-blockage protocol response size and time grow linearly with the number of blocked bridges — 6 kB / 11 ms at 5% blocked, 63 kB / 64 ms at 50%, and 126 kB / 122.5 ms at 100% — creating a bandwidth bottleneck a strategic and patient censor can exploit by triggering mass bridge blockages during a critical event (election, coup) to deny successful blockage migrations at the moment users most need them.

Relying on third-party email providers to verify users was demonstrated by Ling et al. to leave Tor's BridgeDB vulnerable to censors capable of creating multiple accounts, enabling bridge enumeration via sock-puppet attacks at scale. Active and passive detection techniques — including traffic flow analysis, DPI, website fingerprinting, and active probing — have been demonstrated in prior work to reveal Tor bridges, making Tor inaccessible for the majority of users in some regions.

§2.2.1 detection

In a Rust implementation evaluated over 10,000 runs with 3,600 bridges (1,800 open-entry single-bridge buckets and 600 hot-spare three-bridge buckets), Lox's trust promotion protocol incurs the highest latency at 364.2 ms response time and 378 kB response size due to the encrypted migration hashtable, but this operation occurs only once per user. All other protocols complete in under 16 ms with request sizes under 3.4 kB.

Table 4, §5.2 evaluation

Lox's trust level scheme (L=0 through L=4, requiring 30, 14, 28, 56, and 84 days respectively per level before upgrading, per Table 2) with blockage inheritance — invited users inherit their inviter's blockage count d — prevents a censor from resetting their reputation through self-invitation after causing blocking events, while users with d ≥ 4 become ineligible to migrate, capping the damage a persistent infiltrator can do.

§4.2.1, §2.4.2, Table 2 defense

Lox uses Chase et al.'s keyed-verification algebraic MAC anonymous credentials in a single-issuer/verifier setting with jointly-chosen credential IDs (neither party can unilaterally select them), so a fully compromised Lox Authority cannot link credential showings to specific users or reconstruct the social graph — the LA learns only that a shown credential was authentically issued.

§3.1, §4.2 defense

Article 19 documents that Iran's National Information Network (NIN / SHOMA) was designed with explicit reference to China's Great Firewall as a model, with institutional mirroring: Iran's Supreme Council of Cyberspace parallels China's Cyberspace Administration of China, and both governments share a "cyber sovereignty" doctrine used to justify domestic content controls and cross-border technology transfer. The report frames Iran's filtering infrastructure as deliberately architected to replicate GFW capabilities, not as an independently developed system.

2026-article19-tightening-the-net §2, §3 dpisni-blockingdns-poisoningip-blockingbgp-hijackthrottling

Article 19 documents that Iran combines technical filtering with formal coercion of major foreign platforms (including Telegram, Instagram, and WhatsApp) to comply with content removal orders under threat of full blocking. The report notes that Iran's 2022 Women Life Freedom protests accelerated platform blocking when foreign operators refused compliance, demonstrating that the censorship system operates in two modes: coerce-and-allow for compliant platforms, block for non-compliant ones. Domain fronting via these platforms is therefore subject to sudden revocation if political conditions change.

2026-article19-tightening-the-net §6 ip-blockingdns-poisoningthrottling

The April 2026 enforcement cycle created a resource-scarcity feedback loop: upstream providers cut lines with no obligation to refund resellers, newly acquired replacement resources can themselves be reported and cut within days, and stable-resource availability windows are described as "越来越短" (increasingly short) while costs rise concurrently. The overall effect is systemic capacity contraction forecast to continue through at least May 2026.

2026-ermao-april-airport-outage §这轮波动到底发生了什么 / §四月后的趋势判断 ip-blockingasn-blackholingthrottling

The report documents that Myanmar's military has used its TSG-based infrastructure to execute targeted throttling and selective shutdowns of specific services and platforms, not only blanket internet shutdowns. This includes selective disruption of VPNs and circumvention tools during periods of civil unrest, demonstrating that Myanmar's censors have operationalized the granular per-service traffic control capabilities documented in the Geedge/MESA leak.

2025-jfm-silk-road-surveillance §5 throttlingip-blockingtraffic-shape

The GFW's robustness depends principally on suppressed citizen demand for uncensored information, not solely on access barriers. Calibration shows censorship remains stable even if the unencouraged access rate were substantially expanded, because low demand and moderate social transmission prevent information from reaching population-wide tipping points. However, censorship is fragile to demand stimulation: scaling the encouragement intervention to all students would, per the model, inform the entire student population.

2019-chen-impact §V ip-blockingkeyword-filteringthrottling

During the June 2025 Iran shutdown, circumvention tool performance diverged sharply by transport design. Psiphon's multi-protocol architecture sustained 1.5 million concurrent users—roughly one-third of its normal Iranian base. Lantern's "proxyless" protocol (domain-fronting via CDN, ~40% of Lantern's Iranian traffic) showed moderate success. Tor usage collapsed during the blackout but bridge connections surged and rebounded quickly after lifting. BeePass (serving 500k+ daily users at shutdown onset) used live A/B testing of port/obfuscation-prefix combinations to probe the censors' blocking parameters in real time. The Ceno Browser's P2P network grew from 600 active peers on June 13 to ~8,000 by July 11, indicating that decentralized fallback paths stayed up even during peak blocking.

2025-iran-shutdown-measurement §Tool Performance dpithrottling