Detecting Encrypted Client Hello (ECH) Blocking
This blogpost was edited by Torsha Sarkar.
The Transport Layer Security (TLS) protocol, familiar to most people as the lock icon in a web browser's address bar, encrypts the contents of the connection between an internet user and a website so that network intermediaries (Internet Service Providers, Internet Exchanges, undersea cable operators and so on) cannot read the information being exchanged.
TLS has, however, a well-known privacy gap. The first message a client sends, the ClientHello, carries a field called the Server Name Indication (SNI) that names the website the user is visiting. It is sent before any encryption keys have been negotiated, so it travels in cleartext even though everything that follows is encrypted. Network intermediaries can read this metadata to surveil internet users and to censor access to particular websites. In India, two large internet service providers, Reliance Jio and Bharti Airtel, have previously been found using the SNI field to block access to websites.
Encrypted Client Hello (ECH) is an extension to TLS that has been under development at the Internet Engineering Task Force (IETF) since 2018 and is now being tested for a small percentage of internet users before a wider rollout. It closes this gap by encrypting the part of the ClientHello that contains the real SNI; the unencrypted outer ClientHello carries only the public name of the server that fronts the website (for instance a content delivery network), a name shared by many sites. This raises the bar for censors considerably, because the SNI is the last piece of unencrypted metadata in a connection that reliably identifies the website being visited: the destination IP address remains visible, but on shared hosting and CDNs it identifies only the provider, and DNS queries can be protected separately with encrypted DNS, which ECH in any case relies on to fetch the server's ECH configuration. Once the protocol is deployed, censors will find it much harder to block individual websites by interfering with connections and will be pushed towards methods such as website fingerprinting and man-in-the-middle attacks, which are either expensive and less accurate or infeasible in most cases.
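To make the SNI leak and the ECH fix concrete, here is an added example (it is not code from this post, from OONI or from the IETF drafts): a small Python builder and parser for TLS 1.3 ClientHello records. It constructs a hello for a hypothetical website, then parses it the way a passive censor's DPI box would, looking for extension type 0 (server_name) and extension type 0xfe0d (encrypted_client_hello). The hostnames are made up, and the HPKE fields inside the ECH extension are constructed filler bytes rather than a real encrypted inner ClientHello; what the example shows is that once ECH is in use, the only name an observer can read is the fronting server's public name.

```python
"""Toy TLS 1.3 ClientHello builder and parser, showing what an on-path observer reads.

Added example for this post; it is not OONI or IETF code.  The builder emits a
minimal ClientHello with a server_name extension and, optionally, an outer
encrypted_client_hello extension whose HPKE fields are constructed filler
bytes rather than real ciphertext.  The parser walks the record the way a DPI
box would: find extension type 0 (server_name) and extension type 0xfe0d (ECH).
"""
import os
import struct
from typing import Optional

EXT_SERVER_NAME = 0x0000
EXT_SUPPORTED_VERSIONS = 0x002B
EXT_ECH = 0xFE0D  # encrypted_client_hello code point used by current ECH drafts


def _ext(ext_type: int, data: bytes) -> bytes:
    return struct.pack("!HH", ext_type, len(data)) + data


def _sni_ext(host: str) -> bytes:
    name = host.encode("ascii")
    entry = b"\x00" + struct.pack("!H", len(name)) + name  # name_type 0 = host_name
    return _ext(EXT_SERVER_NAME, struct.pack("!H", len(entry)) + entry)


def ech_outer_ext(config_id: int, enc: bytes, payload: bytes) -> bytes:
    """ECHClientHello of type outer (0): HPKE suite, config_id, enc, encrypted inner hello.

    A real client derives enc/payload with HPKE against the server's ECHConfig
    fetched from DNS; callers of this toy pass opaque filler bytes instead."""
    body = b"\x00" + struct.pack("!HHB", 0x0001, 0x0001, config_id)  # HKDF-SHA256, AES-128-GCM
    body += struct.pack("!H", len(enc)) + enc
    body += struct.pack("!H", len(payload)) + payload
    return _ext(EXT_ECH, body)


def build_client_hello(server_name: str, ech: Optional[bytes] = None) -> bytes:
    """Wrap a ClientHello for server_name (plus an optional ECH extension) in a TLS record."""
    exts = _sni_ext(server_name) + _ext(EXT_SUPPORTED_VERSIONS, b"\x02\x03\x04")  # TLS 1.3
    if ech is not None:
        exts += ech
    body = (
        b"\x03\x03" + os.urandom(32) + b"\x00"     # legacy_version, random, empty session id
        + struct.pack("!H", 2) + b"\x13\x01"        # cipher_suites: TLS_AES_128_GCM_SHA256
        + b"\x01\x00"                               # compression_methods: null only
        + struct.pack("!H", len(exts)) + exts
    )
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body  # HandshakeType client_hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def parse_client_hello(record: bytes) -> dict:
    """Return the cleartext SNI and whether an ECH extension is present.

    Raises ValueError on anything that is not a well-formed ClientHello record."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS handshake record carrying a ClientHello")
    rec_len = struct.unpack("!H", record[3:5])[0]
    hs_len = int.from_bytes(record[6:9], "big")
    if rec_len != hs_len + 4 or len(record) != rec_len + 5:
        raise ValueError("record/handshake length fields are inconsistent")
    p = 9 + 2 + 32                                        # skip legacy_version and random
    p += 1 + record[p]                                    # legacy_session_id
    p += 2 + struct.unpack("!H", record[p:p + 2])[0]      # cipher_suites
    p += 1 + record[p]                                    # compression_methods
    ext_len = struct.unpack("!H", record[p:p + 2])[0]
    p += 2
    end = p + ext_len
    if end != len(record):
        raise ValueError("extension block does not fill the ClientHello")
    info = {"sni": None, "ech": False, "extensions": []}
    while p < end:
        ext_type, length = struct.unpack("!HH", record[p:p + 4])
        data = record[p + 4:p + 4 + length]
        if len(data) != length:
            raise ValueError("truncated extension")
        p += 4 + length
        info["extensions"].append(ext_type)
        if ext_type == EXT_SERVER_NAME:
            q, list_end = 2, 2 + struct.unpack("!H", data[:2])[0]
            while q < list_end:
                name_len = struct.unpack("!H", data[q + 1:q + 3])[0]
                if data[q] == 0 and info["sni"] is None:  # first host_name entry wins
                    info["sni"] = data[q + 3:q + 3 + name_len].decode("ascii")
                q += 3 + name_len
        elif ext_type == EXT_ECH:
            info["ech"] = True
    return info


if __name__ == "__main__":
    plain = build_client_hello("blocked.example.org")
    print("without ECH:", parse_client_hello(plain))   # sni visible: blocked.example.org
    ech = ech_outer_ext(7, enc=b"\x11" * 32, payload=b"\x22" * 96)
    fronted = build_client_hello("public.example.net", ech=ech)
    print("with ECH:   ", parse_client_hello(fronted))  # sni is the fronting server's public name
```

Run as a script, it prints the parse of both hellos: the plain one exposes the real hostname, the ECH one exposes only the public name plus the fact that an ECH extension is present. The length checks are what keep the parser from reading garbage when a record is truncated or fragmented, which is also the kind of malformed input a blocking box has to cope with.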
We have been tracking the development of this privacy enhancement. To support a successful deployment of ECH, we contributed a new censorship test to the Open Observatory of Network Interference (OONI) late last year. The test attempts to connect to websites using ECH and records any interference with the connection. Because censors in some countries were found to block a previous version of the protocol (Encrypted SNI, or ESNI) entirely, this test gives the protocol developers early feedback on whether censors are able to detect and block ECH itself.
We ran the ECH test during the first week of September 2023 from four popular Indian ISPs, namely Airtel, Atria Convergence Technologies (ACT), Reliance Jio and Vodafone Idea, which together account for around 95% of India's internet subscriber base. ECH connections to a popular website succeeded on all four networks, so ECH is not currently being blocked. This is the expected result, as the protocol is still under development. A single popular target tested over one week is a narrow sample, so we will continue to monitor for interference as the protocol nears completion, to help ensure that this privacy-enhancing protocol is successfully deployed.