2013-invernizzi-message
findings extracted from this paper
-
Over 72 days, the authors observed 814,667,299 blog posts (average 11,314,823/day; peak 13,083,878/day). To blacklist all potential MIAB drop points, a censor would need to block 33,361,754 FQDNs (5% of all web servers per Netcraft) or 1,803,345 second-level domains (1.4% of global domain registrations); even a fully-maintained static blacklist retains an 11–12% daily miss ratio as new blogs appear.
-
Existing censorship-resistant systems share a fundamental vulnerability: they require the user to know a finite set of entry points (bridge addresses, rendezvous points, or ISP-level collaborators) that a censor can enumerate by impersonating a legitimate user. China has blocked the majority of Tor bridges since 2010 and Iran blocked all encrypted traffic in 2012, demonstrating this attack is operationally deployed at scale.
-
MIAB reduces the bootstrap requirement to only the operator's public key — no pre-shared rendezvous point is needed — by using blog pings as a real-time broadcast discovery channel. Since every blog post on the Internet is a potential drop point, the censor cannot enumerate entry points by posing as a legitimate user, unlike Collage (requires an up-to-date task database) or Telex (requires ISP collaboration).
-
A single modern machine with a fast domestic Internet connection can process the full blog-ping stream within the 5-minute ping-server release interval: steganographic extraction takes 2m:51s, RSA decryption 2m:35s, and image fetching 4m:17s (parallelizable with extraction), completing under 5 minutes at under 90% CPU. A single machine accommodates 15–20 million posts per day; serving Iran's entire population blogging daily would require only five machines.
-
All trained ML classifiers (K-NN, Naive Bayes, ANN, SVM, vote ensemble) performed at near-chance levels when distinguishing RSA-encrypted stego messages from clean photos — best precision 52.05%, best meaningful recall 61.52% (K-NN on clean class). The authors attribute this to embedding only a few hundred bytes into cover photos hundreds of KB in size, with natural image entropy in noisy pixel regions being empirically indistinguishable from RSA-ciphertext statistics.