Just add WATER: WebAssembly-based Circumvention Transports

Authors: Erik Chi (University of Michigan), Gaukas Wang (University of Colorado Boulder), J. Alex Halderman (University of Michigan), Eric Wustrow (University of Colorado Boulder), Jack Wampler (University of Colorado Boulder)

Year: 2024
Issue: 1
Pages: 22–28

Download PDF

Abstract: As Internet censors rapidly evolve new blocking techniques, circumvention tools must also adapt and roll out new strategies to remain unblocked. But new strategies can be time consuming for circumventors to develop and deploy, and usually an update to one tool often requires significant additional effort to be ported to others. Moreover, distributing the updated application across different platforms poses its own set of challenges. In this paper, we introduce WATER (WebAssembly Transport Executables Runtime), a novel design that enables applications to use a WebAssembly-based application-layer (e.g., TLS) to wrap network connections and provide network transports. Deploying a new circumvention technique with WATER only requires distributing the WebAssembly Transport Module(WATM) binary and any transport-specific configuration, allowing dynamic transport updates without any change to the application itself. WATMs are also designed to be generic such that different applications using WATER can use the same WATM to rapidly deploy successful circumvention techniques to their own users, facilitating rapid interoperability between independent circumvention tools.

Copyright in FOCI articles are held by their authors. This article is published under a Creative Commons Attribution 4.0 license.