{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,31]],"date-time":"2025-10-31T14:28:37Z","timestamp":1761920917758,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":29,"publisher":"ACM","license":[{"start":{"date-parts":[[2021,8,23]],"date-time":"2021-08-23T00:00:00Z","timestamp":1629676800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2021,8,27]]},"DOI":"10.1145\/3473604.3474564","type":"proceedings-article","created":{"date-parts":[[2021,8,18]],"date-time":"2021-08-18T20:52:03Z","timestamp":1629319923000},"page":"43-49","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":7,"title":["BlindTLS"],"prefix":"10.1145","author":[{"given":"Sambhav","family":"Satija","sequence":"first","affiliation":[{"name":"University of Wisconsin-Madison"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Rahul","family":"Chatterjee","sequence":"additional","affiliation":[{"name":"University of Wisconsin-Madison"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2021,8,23]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-17172-2_10"},{"key":"e_1_3_2_1_2_1","volume-title":"10th USENIX Workshop on Free and Open Communications on the Internet (FOCI 20)","author":"Bock Kevin","year":"2020","unstructured":"Kevin Bock , Yair Fax , Kyle Reese , Jasraj Singh , and Dave Levin . 2020 . Detecting and Evading Censorship-in-Depth: A Case Study of Iran's Protocol Whitelister . In 10th USENIX Workshop on Free and Open Communications on the Internet (FOCI 20) . USENIX Association. https:\/\/www.usenix.org\/conference\/foci20\/presentation\/bock Kevin Bock, Yair Fax, Kyle Reese, Jasraj Singh, and Dave Levin. 2020. Detecting and Evading Censorship-in-Depth: A Case Study of Iran's Protocol Whitelister. In 10th USENIX Workshop on Free and Open Communications on the Internet (FOCI 20). USENIX Association. https:\/\/www.usenix.org\/conference\/foci20\/presentation\/bock"},{"volume-title":"9th {USENIX} Workshop on Free and Open Communications on the Internet ({FOCI} 19).","author":"Chai Zimo","key":"e_1_3_2_1_3_1","unstructured":"Zimo Chai , Amirhossein Ghafari , and Amir Houmansadr . 2019. On the importance of encrypted-SNI ({ESNI}) to censorship circumvention . In 9th {USENIX} Workshop on Free and Open Communications on the Internet ({FOCI} 19). Zimo Chai, Amirhossein Ghafari, and Amir Houmansadr. 2019. On the importance of encrypted-SNI ({ESNI}) to censorship circumvention. In 9th {USENIX} Workshop on Free and Open Communications on the Internet ({FOCI} 19)."},{"key":"e_1_3_2_1_4_1","unstructured":"CloudFlare Christopher Patton. 2020. Good-bye ESNI hello ECH! https:\/\/blog.cloudflare.com\/encrypted-client-hello\/. (2020).  CloudFlare Christopher Patton. 2020. Good-bye ESNI hello ECH! https:\/\/blog.cloudflare.com\/encrypted-client-hello\/. (2020)."},{"key":"e_1_3_2_1_5_1","unstructured":"Cloudflare. 2021. TLS Session Resumption: Full-speed and Secure. https:\/\/blog.cloudflare.com\/tls-session-resumption-full-speed-and-secure\/. (2021).  Cloudflare. 2021. TLS Session Resumption: Full-speed and Secure. https:\/\/blog.cloudflare.com\/tls-session-resumption-full-speed-and-secure\/. (2021)."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.5555\/1251375.1251396"},{"key":"e_1_3_2_1_7_1","unstructured":"Eric Doerr. 2021. Securing our approach to domain fronting within Azure. https:\/\/www.microsoft.com\/security\/blog\/2021\/03\/26\/securing-our-approach-to-domain-fronting-within-azure\/. (2021).  Eric Doerr. 2021. Securing our approach to domain fronting within Azure. https:\/\/www.microsoft.com\/security\/blog\/2021\/03\/26\/securing-our-approach-to-domain-fronting-within-azure\/. (2021)."},{"key":"e_1_3_2_1_8_1","unstructured":"N. Sullivan E. Rescorla K. Oku. 2020. TLS Encrypted Client Hello. RFC. https:\/\/tools.ietf.org\/html\/draft-ietf-tls-esni-08  N. Sullivan E. Rescorla K. Oku. 2020. TLS Encrypted Client Hello. RFC. https:\/\/tools.ietf.org\/html\/draft-ietf-tls-esni-08"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"crossref","unstructured":"D. Eastlake. 2011. Transport Layer Security (TLS) Extensions: Extension Definitions. RFC 6066.  D. Eastlake. 2011. Transport Layer Security (TLS) Extensions: Extension Definitions. RFC 6066.","DOI":"10.17487\/rfc6066"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1515\/popets-2015-0009"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"crossref","unstructured":"P. Hoffman and P. McManus. 2018. DNS Queries over HTTPS (DoH). RFC 8484.  P. Hoffman and P. McManus. 2018. DNS Queries over HTTPS (DoH). RFC 8484.","DOI":"10.17487\/RFC8484"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"crossref","unstructured":"Z. Hu L. Zhu J. Heidemann A. Mankin D. Wessels and P. Hoffman. 2016. Specification for DNS over Transport Layer Security (TLS). RFC 7858.  Z. Hu L. Zhu J. Heidemann A. Mankin D. Wessels and P. Hoffman. 2016. Specification for DNS over Transport Layer Security (TLS). RFC 7858.","DOI":"10.17487\/RFC7858"},{"key":"e_1_3_2_1_13_1","unstructured":"Erik Hunstad. 2020. New tool brings back 'domain fronting' as 'domain hiding'. https:\/\/www.zdnet.com\/article\/def-con-new-tool-brings-back-domain-fronting-as-domain-hiding\/. (2020).  Erik Hunstad. 2020. New tool brings back 'domain fronting' as 'domain hiding'. https:\/\/www.zdnet.com\/article\/def-con-new-tool-brings-back-domain-fronting-as-domain-hiding\/. (2020)."},{"key":"e_1_3_2_1_14_1","volume-title":"Decoy Routing: Toward Unblockable Internet Communication.. In FOCI.","author":"Karlin Josh","year":"2011","unstructured":"Josh Karlin , Daniel Ellard , Alden W Jackson , Christine E Jones , Greg Lauer , David Mankins , and W Timothy Strayer . 2011 . Decoy Routing: Toward Unblockable Internet Communication.. In FOCI. Josh Karlin, Daniel Ellard, Alden W Jackson, Christine E Jones, Greg Lauer, David Mankins, and W Timothy Strayer. 2011. Decoy Routing: Toward Unblockable Internet Communication.. In FOCI."},{"key":"e_1_3_2_1_15_1","unstructured":"Dave Levin Kevin Bock. 2020. Exposing and Circumventing China's Censorship of ESNI. https:\/\/gfw.report\/blog\/gfw_esni_blocking\/en\/. (2020).  Dave Levin Kevin Bock. 2020. Exposing and Circumventing China's Censorship of ESNI. https:\/\/gfw.report\/blog\/gfw_esni_blocking\/en\/. (2020)."},{"key":"e_1_3_2_1_16_1","volume-title":"13th USENIX Symposium on Operating Systems Design and Implementation (OSD1 18)","author":"Lazar David","year":"2018","unstructured":"David Lazar , Yossi Gilad , and Nickolai Zeldovich . 2018 . Karaoke: Distributed Private Messaging Immune to Passive Traffic Analysis . In 13th USENIX Symposium on Operating Systems Design and Implementation (OSD1 18) . USENIX Association, Carlsbad, CA, 711--725. https:\/\/www.usenix.org\/conference\/osdi18\/presentation\/lazar David Lazar, Yossi Gilad, and Nickolai Zeldovich. 2018. Karaoke: Distributed Private Messaging Immune to Passive Traffic Analysis. In 13th USENIX Symposium on Operating Systems Design and Implementation (OSD1 18). USENIX Association, Carlsbad, CA, 711--725. https:\/\/www.usenix.org\/conference\/osdi18\/presentation\/lazar"},{"key":"e_1_3_2_1_17_1","unstructured":"LetsEncrypt. 2021. HTTPS stats. https:\/\/letsencrypt.org\/stats. (2021).  LetsEncrypt. 2021. HTTPS stats. https:\/\/letsencrypt.org\/stats. (2021)."},{"key":"e_1_3_2_1_18_1","unstructured":"Colm MacCarthaigh. 2018. Enhanced Domain Protections for Amazon CloudFront Requests. https:\/\/aws.amazon.com\/blogs\/security\/enhanced-domain-protections-for-amazon-cloudfront-requests\/. (2018).  Colm MacCarthaigh. 2018. Enhanced Domain Protections for Amazon CloudFront Requests. https:\/\/aws.amazon.com\/blogs\/security\/enhanced-domain-protections-for-amazon-cloudfront-requests\/. (2018)."},{"volume-title":"8th {USENIX} Workshop on Free and Open Communications on the Internet ({FOCI} 18).","author":"Manfredi Victoria","key":"e_1_3_2_1_19_1","unstructured":"Victoria Manfredi and Pi Songkuntham . 2018. MultiFlow: Cross-Connection Decoy Routing using {TLS} 1.3 Session Resumption . In 8th {USENIX} Workshop on Free and Open Communications on the Internet ({FOCI} 18). Victoria Manfredi and Pi Songkuntham. 2018. MultiFlow: Cross-Connection Decoy Routing using {TLS} 1.3 Session Resumption. In 8th {USENIX} Workshop on Free and Open Communications on the Internet ({FOCI} 18)."},{"volume-title":"11th USENIX Symposium on Networked Systems Design and Implementation (NSD1 14)","author":"Nobori Daiyuu","key":"e_1_3_2_1_20_1","unstructured":"Daiyuu Nobori and Yasushi Shinjo . 2014. VPN Gate: A Volunteer-Organized Public VPN Relay System with Blocking Resistance for Bypassing Government Censorship Firewalls . In 11th USENIX Symposium on Networked Systems Design and Implementation (NSD1 14) . USENIX Association , Seattle, WA , 229--241. https:\/\/www.usenix.org\/conference\/nsdi14\/technical-sessions\/presentation\/nobori Daiyuu Nobori and Yasushi Shinjo. 2014. VPN Gate: A Volunteer-Organized Public VPN Relay System with Blocking Resistance for Bypassing Government Censorship Firewalls. In 11th USENIX Symposium on Networked Systems Design and Implementation (NSD1 14). USENIX Association, Seattle, WA, 229--241. https:\/\/www.usenix.org\/conference\/nsdi14\/technical-sessions\/presentation\/nobori"},{"key":"e_1_3_2_1_21_1","volume-title":"Telecom Subscription Data as on 28th","author":"India Telecom Regulatory","year":"2021","unstructured":"Telecom Regulatory Authority of India . 2021. Telecom Subscription Data as on 28th February , 2021 . https:\/\/www.trai.gov.in\/sites\/default\/files\/PR_No.27of2021_0.pdf. (2021). Telecom Regulatory Authority of India. 2021. Telecom Subscription Data as on 28th February, 2021. https:\/\/www.trai.gov.in\/sites\/default\/files\/PR_No.27of2021_0.pdf. (2021)."},{"key":"e_1_3_2_1_22_1","unstructured":"Proton. 2020. Proton VPN. https:\/\/protonvpn.com\/. (2020).  Proton. 2020. Proton VPN. https:\/\/protonvpn.com\/. (2020)."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"crossref","unstructured":"E. Rescorla. 2018. The Transport Layer Security (TLS) Protocol Version 1.3. RFC 8446.  E. Rescorla. 2018. The Transport Layer Security (TLS) Protocol Version 1.3. RFC 8446.","DOI":"10.17487\/RFC8446"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"crossref","unstructured":"J. Salowey H. Zhou P. Eronen and H. Tschofenig. 2008. Transport Layer Security (TLS) Session Resumption without Server-Side State. RFC 5077.  J. Salowey H. Zhou P. Eronen and H. Tschofenig. 2008. Transport Layer Security (TLS) Session Resumption without Server-Side State. RFC 5077.","DOI":"10.17487\/rfc5077"},{"key":"e_1_3_2_1_25_1","volume-title":"How India Censors the Web. In 12th ACM Conference on Web Science (WebSci '20)","author":"Singh Kushagra","year":"2020","unstructured":"Kushagra Singh , Gurshabad Grover , and Varun Bansal . 2020 . How India Censors the Web. In 12th ACM Conference on Web Science (WebSci '20) . Association for Computing Machinery, New York, NY, USA, 21--28. https:\/\/doi.org\/10.1145\/3394231.3397891 10.1145\/3394231.3397891 Kushagra Singh, Gurshabad Grover, and Varun Bansal. 2020. How India Censors the Web. In 12th ACM Conference on Web Science (WebSci '20). Association for Computing Machinery, New York, NY, USA, 21--28. https:\/\/doi.org\/10.1145\/3394231.3397891"},{"key":"e_1_3_2_1_26_1","volume-title":"OpenSSL: The Open Source toolkit for SSL\/TLS. (April","author":"Project The","year":"2003","unstructured":"The OpenSSL Project . 2003. OpenSSL: The Open Source toolkit for SSL\/TLS. (April 2003 ). www.openssl.org. The OpenSSL Project. 2003. OpenSSL: The Open Source toolkit for SSL\/TLS. (April 2003). www.openssl.org."},{"key":"e_1_3_2_1_27_1","unstructured":"Tor. 2021. Tor BridgeDB. https:\/\/bridges.torproject.org\/bridges. (2021).  Tor. 2021. Tor BridgeDB. https:\/\/bridges.torproject.org\/bridges. (2021)."},{"key":"e_1_3_2_1_28_1","unstructured":"W3Techs. 2020. Usage statistics and market share of Cloudflare. https:\/\/w3techs.com\/technologies\/details\/cn-cloudflare. (2020).  W3Techs. 2020. Usage statistics and market share of Cloudflare. https:\/\/w3techs.com\/technologies\/details\/cn-cloudflare. (2020)."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/3278532.3278555"}],"event":{"name":"SIGCOMM '21: ACM SIGCOMM 2021 Conference","sponsor":["SIGCOMM ACM Special Interest Group on Data Communication"],"location":"Virtual Event USA","acronym":"SIGCOMM '21"},"container-title":["Proceedings of the ACM SIGCOMM 2021 Workshop on Free and Open Communications on the Internet"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3473604.3474564","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3473604.3474564","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T20:48:14Z","timestamp":1750193294000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3473604.3474564"}},"subtitle":["Circumventing TLS-based HTTPS censorship"],"short-title":[],"issued":{"date-parts":[[2021,8,23]]},"references-count":29,"alternative-id":["10.1145\/3473604.3474564","10.1145\/3473604"],"URL":"https:\/\/doi.org\/10.1145\/3473604.3474564","relation":{},"subject":[],"published":{"date-parts":[[2021,8,23]]},"assertion":[{"value":"2021-08-23","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}