2016-li-mailet
findings extracted from this paper
-
By transmitting application-level social media content over genuine SMTP/IMAP connections rather than imitating email protocols, Mailet achieves channel and content consistency, making it immune to the differential channel attacks — channel mismatch and content mismatch — that defeated earlier hide-within systems such as StegoTorus and Freewave.
-
Mailet resists proxy enumeration because clients communicate exclusively through widely-used email hosting providers over standard POP3/SMTP/IMAP ports; no direct client-to-Mailet-server connection ever exists, so even if a censor learns a Mailet server's IP address, blocking it requires blocking all email to major providers — collateral damage that is politically infeasible.
-
Mailet's GCM-based Credential Recovery (GCM-CR) achieves a 120x speedup over traditional garbled-circuit 2PC for privately reconstructing split credentials inside a live TLS record, enabling a single Mailet server to support up to 200 simultaneous sessions with each service request completing in approximately 1 second.
-
Mailet clients' daily email traffic patterns remained within the normal range of genuine email users, validated against the Enron dataset (517,425 emails, 151 users) combined with simulated Twitter usage patterns from 100 randomly sampled accounts, demonstrating that per-user daily email frequency is a poor Mailet detector with high false-positive and false-negative rates.
-
Mailet's (2,2)-threshold credential scheme distributes a user's social media credential as Cred1 ⊕ Cred2 across two randomly chosen servers; an adversary corrupting fraction ρ of the server pool has at most probability ρ² of compromising both servers for a given user, and under standard AES assumptions a single compromised server leaks no information about the credential beyond its length.