Port-scanning resistance in Tor anonymity network
The Onion Router (Tor) is an anonymity network that allows users to browse the web and perform other internet activities anonymously. A Tor user's traffic is routed, encrypted, through several Tor relays before reaching its destination. No one except the final relay in this circuit knows the final destination of the user's traffic, and each relay in the circuit knows only the previous and the next relay. Tor users obtain the list of relay IP addresses from a dedicated directory server that lists most of the Tor relays; with this list they can build random circuits through the internet to route their traffic. Governments that censor the internet with country-wide firewalls want to block Tor because it allows users to circumvent that censorship. China has begun blocking Tor by downloading the list of all public Tor IP addresses and blocking them. Internet users in China still have options for reaching the Tor network. One is unpublished Tor relays whose internet addresses are shared by email and instant messenger instead of through a public directory like normal relays. Since these unpublished relays cannot be downloaded in bulk the way the published relays can, detecting and blocking unpublished relays is the obvious next step for China and other censoring nations. Currently these unpublished relays can be detected by running Tor and attempting to connect to every internet address on the ports on which Tor commonly runs: if a host responds as Tor would, it is known to be running Tor and its internet address can be blocked. In this paper I present and implement a protocol that makes these unpublished relays harder to detect by hiding them behind a web server, so that this kind of scanning reveals nothing but an ordinary web site.
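The abstract states the idea of the defence (a web server in front of the relay) but not the paper's actual protocol. The following is an added illustration, not code from the paper, of the front-end decision such a design must make: every new connection is answered as a web server unless its first request proves, with a secret shared out of band, that it comes from a legitimate user, and only then is it handed to the local Tor process. The HMAC-in-an-HTTP-header mechanism, the header name `X-Bridge-Auth`, the shared secret and the sample requests are all assumptions constructed for this example; the paper's protocol may differ.

```python
"""Illustrative front-end for a web-server-fronted Tor relay (added example).

The front end owns the public port.  A connection is treated as an ordinary
HTTP client unless its first request carries a fresh authenticator derived
from a secret shared out of band (e.g. by email or instant messenger, as the
paper describes for unpublished relay addresses).  Only then is the socket
handed to the local Tor process.  A probe that speaks the Tor handshake, or
sends a plain GET, sees nothing but a web server.
"""
import hashlib
import hmac

# Constructed for this example; a real secret would be distributed together
# with the relay address.  The header name is likewise an assumption.
SHARED_SECRET = b"example-bridge-secret"
HEADER = b"X-Bridge-Auth"
MAX_SKEW = 60  # seconds a token remains valid

GENERIC_RESPONSE = (b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n"
                    b"Content-Length: 36\r\nConnection: close\r\n\r\n"
                    b"<html><body>It works!</body></html>\n")
BAD_REQUEST = (b"HTTP/1.1 400 Bad Request\r\nContent-Length: 0\r\n"
               b"Connection: close\r\n\r\n")


def make_token(secret: bytes, timestamp: int) -> str:
    """Client side: a timestamped HMAC that the front end can verify."""
    mac = hmac.new(secret, str(timestamp).encode(), hashlib.sha256).hexdigest()
    return f"{timestamp}:{mac}"


def _parse_request(data: bytes):
    """Return (request_line, headers) or None if the bytes are not HTTP-like."""
    head = data.split(b"\r\n\r\n", 1)[0]
    lines = head.split(b"\r\n")
    parts = lines[0].split(b" ")
    if len(parts) != 3 or not parts[2].startswith(b"HTTP/"):
        return None
    headers = {}
    for line in lines[1:]:
        if b":" not in line:
            return None
        name, value = line.split(b":", 1)
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers


def classify(first_bytes: bytes, secret: bytes, now: int, seen: set) -> tuple:
    """Decide what to do with a new connection from its first bytes.

    Returns ("tunnel", b"")     -> hand the socket to the local Tor process
            ("http", response)  -> answer exactly as a web server would
    `seen` records accepted tokens so that a captured token cannot be replayed.
    """
    parsed = _parse_request(first_bytes)
    if parsed is None:
        # Raw Tor/TLS handshake bytes or garbage: reply like a strict web server.
        return ("http", BAD_REQUEST)
    _, headers = parsed
    token = headers.get(HEADER.lower())
    if token is None:
        return ("http", GENERIC_RESPONSE)
    try:
        ts_str, mac = token.decode().split(":", 1)
        ts = int(ts_str)
    except ValueError:  # also covers UnicodeDecodeError
        return ("http", GENERIC_RESPONSE)
    expected = hmac.new(secret, ts_str.encode(), hashlib.sha256).hexdigest()
    fresh = abs(now - ts) <= MAX_SKEW
    valid = hmac.compare_digest(mac, expected)  # constant-time comparison
    if fresh and valid and token not in seen:
        seen.add(token)
        return ("tunnel", b"")
    # Wrong, stale or replayed token: indistinguishable from having no token.
    return ("http", GENERIC_RESPONSE)
```

The point a practitioner should take from this is that every failure path (no token, bad token, stale token, replayed token, non-HTTP bytes) produces the same responses an ordinary web server would, so a scanner cannot tell a fronted relay from a plain web host; the timestamp and the `seen` set close the replay hole that a static password in the header would leave open.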