This paper presents a study of the Internet infrastructure in India from the point of view of censorship. First, we show that the current state of affairs — where each ISP implements its own content filters (nominally as per a governmental blacklist) — results in dramatic differences in the censorship experienced by customers. In practice, a well-informed Indian citizen can escape censorship through a judicious choice of service provider. We then consider the question of whether India might potentially follow the Chinese model and institute a single, government-controlled filter. This would not be difficult, as the Indian Internet is quite centralized already. A few “key” ASes (â‰ˆ 1% of Indian ASes) collectively intercept â‰ˆ 95% of paths to the censored sites we sample in our study, and also to all publicly-visible DNS servers. 5, 000 routers spanning these key ASes would suffice to carry out IP or DNS filtering for the entire country; â‰ˆ 70% of these routers belong to only two private ISPs. If the government is willing to employ more powerful measures, such as an IP Prefix Hijacking attack, any one of several key ASes can censor traffic for nearly all Indian users. Finally, we demonstrate that such federated censorship by India would cause substantial collateral damage to non-Indian ASes whose traffic passes through Indian cyberspace (which do not legally come under Indian jurisdiction at all).
Date of creation, presentation, or exhibit
Department, Program, or Center
Department of Computing Security (GCCIS)
Gosain D., Agarwal A., Shekhawat S., Acharya H.B., Chakravarty S. (2018) Mending Wall: On the Implementation of Censorship in India. In: Lin X., Ghorbani A., Ren K., Zhu S., Zhang A. (eds) Security and Privacy in Communication Networks. SecureComm 2017. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 238. Springer, Cham. https://doi.org/10.1007/978-3-319-78813-5_21
RIT – Main Campus
This is a post-peer-review, pre-copyedit version of an article published in SecureComm 2017. The final authenticated version is available online at: https://doi.org/10.1007/978-3-319-78813-5_21