Several recently proposed censorship circumvention systems use encrypted network channels of popular applications to hide their communications. For example, a Tor pluggable transport called Snowflake uses the WebRTC data channel, while a system called Protozoa substitutes content in a WebRTC video-call application. By using the same channel as the cover application and (in the case of Protozoa) matching its observable traffic characteristics, these systems aim to resist powerful network-based censors capable of large-scale traffic analysis. Protozoa, in particular, achieves a strong indistinguishability property known as behavioral independence. We demonstrate that this class of systems is generically vulnerable to a new type of active attack we call "differential degradation." These attacks do not require multi-flow measurements or traffic classification and are thus available to all real-world censors. They exploit the discrepancies between the respective network requirements of the circumvention system and its cover application. We show how a censor can use the minimal application-level information exposed by WebRTC to create network conditions that cause the circumvention system to suffer a far greater degradation in performance than the cover application. Even when the attack causes no observable differences in network traffic and behavioral independence still holds, the censor can block circumvention at a low cost, without resorting to traffic analysis, and with minimal collateral damage to non-circumvention users. We present effective differential degradation attacks against Snowflake and Protozoa. We explain the root cause of these vulnerabilities, analyze the tradeoffs faced by the designers of circumvention systems, and propose a modified version of Protozoa that resists differential degradation attacks.