22C3 - 2.2

22nd Chaos Communication Congress
Private Investigations

Sven Löschner
Day 2
Room Saal 4
Start time 18:00
Duration 01:00
ID 589
Event type Lecture
Track Hacking
Language English

Anonymous Data Broadcasting by Misuse of Satellite ISPs

An open-source project to develop a tool for broadband satellite broadcasts

The lecture focuses on satellite ISP technology and how to misuse it for anonymously broadcasting to an unlimited number of anonymous users while only one user pays for a standard dial-up connection of a satellite ISP.

The lecture focuses on satellite ISP technology and how to misuse it for broadcasting to an unlimited number of users.

Satellite ISPs connect users to the Internet by means of satellite communication. The first part of the lecture introduces the basic types of satellite ISPs (symmetric vs. asymmetric or encrypted vs. unencrypted broadcasts).

Then we give an overview of our basic idea: We exploit the fact, that the satellite downstream, containing the data requested by the user, can be received in the whole footprint of the satellite. To broadcast certain data the sender first sends it to a dedicated server, which is connected to the Internet. Then the sender requests this data over the satellite ISP, which results in the data being broadcasted by the satellite ISP. The potential receivers simply listen to the satellite broadcast and filter the data, e.g., by implicit addresses. Implicit addresses are achieved by means of public key encryption and, at the same time, achieves confidentiality of the broadcasted data. While unconditionally strong receiver anonymity is immediately achieved by the nature of a broadcast channel, sender anonymity is achieved by techniques similar to those applied in anonymous P2P publication systems.

Our system works immediately if the satellite ISPs does not encrypt the data. If the satellite ISP encrypts the satellite downstream, the system works as well, but is more involved. This issue and other technical hurdles (e.g., robust broadcasts in face of a high error rate of the broadcast downstream or achieving sender anonymity) are discussed in the third part of the lecture.

The lecture closes with the results of a prototype implementation (a modified web server plus user client) that enables broadband data broadcasting (e.g., file sharing) by exploiting a satellite ISPs. We propose an open-source project to continue the development of our prototype.