Encrypted Client Hello (ECH) in Censorship Circumvention
N. Niere, F. Lange, N. Heitmann, J. Somorovsky, in: 2025.
Download

Download (ext.)
Conference Paper
| English
Author
Abstract
Censors have long censored Transport Layer Security (TLS) traffic by inspecting the domain name in the unencrypted Server Name Indication (SNI) extension. By encrypting the SNI extension, the Encrypted ClientHello (ECH) prevents censors from blocking TLS traffic to certain domains. Despite this promising outlook, ECH’s current capability to contest TLS censorship is unclear; for instance, Russia has started censoring ECH connections successfully. This paper clarifies ECH’s current role for TLS censorship. To this end, we evaluate servers’ support for ECH and its analysis and subsequent blocking by censors. We determine Cloudflare as the only major provider supporting ECH. Additionally, we affirm previously known ECH censorship in Russia and uncover indirect censorship of ECH through encrypted DNS censorship in China and Iran. Our findings suggest that ECH’s contribution to censorship circumvention is currently limited: we consider ECH’s dependence on encrypted DNS especially challenging for ECH’s capability to circumvent censorship. We stress the importance of censorship-resistant ECH to solve the long-known problem of SNI-based TLS censorship.
Keywords
Publishing Year
Conference
Free and Open Communications on the Internet
Conference Location
Washington, D.C.
Conference Date
2025-07-14 – 2025-07-14
LibreCat-ID
Cite this
Niere N, Lange F, Heitmann N, Somorovsky J. Encrypted Client Hello (ECH) in Censorship Circumvention. In: ; 2025.
Niere, N., Lange, F., Heitmann, N., & Somorovsky, J. (2025). Encrypted Client Hello (ECH) in Censorship Circumvention. Free and Open Communications on the Internet, Washington, D.C.
@inproceedings{Niere_Lange_Heitmann_Somorovsky_2025, title={Encrypted Client Hello (ECH) in Censorship Circumvention}, author={Niere, Niklas and Lange, Felix and Heitmann, Nico and Somorovsky, Juraj}, year={2025} }
Niere, Niklas, Felix Lange, Nico Heitmann, and Juraj Somorovsky. “Encrypted Client Hello (ECH) in Censorship Circumvention,” 2025.
N. Niere, F. Lange, N. Heitmann, and J. Somorovsky, “Encrypted Client Hello (ECH) in Censorship Circumvention,” presented at the Free and Open Communications on the Internet, Washington, D.C., 2025.
Niere, Niklas, et al. Encrypted Client Hello (ECH) in Censorship Circumvention. 2025.
All files available under the following license(s):
Creative Commons Attribution 4.0 International Public License (CC-BY 4.0):
Main File(s)
File Name
foci-2025-0016.pdf
755.17 KB
Access Level

Last Uploaded
2025-07-03T07:11:14Z
Link(s) to Main File(s)
Access Level
