BlindBox: Deep Packet Inspection over Encrypted Traffic
Many network middleboxes perform Deep Packet Inspection (DPI), a set of useful tasks which examine packet payloads. These tasks include Intrusion Detection System (IDS), exfiltration detection and parental filtering. However, a long-standing issue is that once packets are sent over HTTPS, middleboxes can no longer accomplish their tasks because the payloads are encrypted. Hence, one is faced with the choice of only one of two desirable properties: the functionality of middleboxes and the privacy of encryption. The authors propose BlindBox, the first system that simultaneously provides both of these properties.