Encrypted Client Hello didn't solve censorship, but still may have a role to play
In November 2024, Russia began blocking Cloudflare’s implementation of Encrypted Client Hello (ECH), a privacy-focused extension of the TLS protocol. “This technology is a means of circumventing restrictions on access to information banned in Russia. Its use violates Russian law and is restricted by the Technical Measure to Combat Threats (TSPU),” the statement by the Russian Internet regulator read.
Russia, known for its tight control over internet access, views ECH as a tool for bypassing geo-restrictions, though that was never its intended purpose. This move follows a broader pattern of censorship and surveillance. Over the past few years, Russia has been cracking down on VPNs, making it harder for users to circumvent government-imposed restrictions.
So, what exactly is ECH, and why is it being blocked in Russia? And, more importantly, could it face similar restrictions in other countries with limited internet freedoms? Last year, AdGuard gave a breakdown of what ECH is, along with its weak and strong points. Let’s quickly recap the key points.
ECH: look under the hood
Encrypted Client Hello (ECH) is a new protocol designed to enhance privacy during the initial handshake between your browser and a website’s server. Normally, when you visit a website, your browser sends an unencrypted “hello” message (called the Client Hello) to the server. This message includes information like the domain name of the website you're trying to visit -- known as the Server Name Indication (SNI). The problem is, without encryption, this information is visible to anyone who can see your internet traffic, such as your ISP, which means they can tell exactly which websites you're visiting (however, not what you’re doing on them).
ECH solves this problem by encrypting that initial message. Instead of sending the SNI, which reveals the website’s name, in the clear, ECH splits the Client Hello into two parts. The outer part contains a generic, non-sensitive server name (for example, cloudflare-ech.com), which is visible to anyone watching the traffic. The inner part, which contains the actual website you're visiting, is encrypted. Only the client-facing server (like Cloudflare’s server) can decrypt this part and pass the request on to the correct website without anyone in the middle seeing the details.
In simple terms, ECH helps keep the websites you visit private, even at the start of the connection, making it harder for third parties to monitor your browsing activity. However, while ECH adds an extra layer of privacy, it's not a complete solution on its own, especially for those looking to bypass censorship or ensure full anonymity online. In these cases, a VPN might still be your best option.
Unfulfilled hopes
While the proposed ECH protocol was never designed as a tool to bypass censorship or geo-blocking, some, for various reasons, hoped it could serve that purpose. But that’s not what ECH was built for. Its main goal was always to make the connection between your browser and the website server more secure. As Cloudflare put it at the time, ECH was meant to be "the last puzzle piece to privacy" -- not in the sense of dodging restrictions, but in a purely technical sense of the word.
Before ECH, there was still one last unencrypted piece of data in the TLS protocol. (TLS, or Transport Layer Security, is the standard encryption method that keeps data safe as it moves across the internet.) Solving this -- that is, figuring out how to encrypt that final piece of data -- was a major engineering task. So, that was the mission, and that mission was successfully accomplished, no more, no less.
There’s a big difference between designing a working method and making it work in the real world, though. That’s why, when Cloudflare first rolled out ECH in 2023, they had to roll it back due to some unspecified “issues.” In September 2024, Cloudflare announced it was restarting the ECH rollout, and it only took about a month for Russia’s internet regulator to block the feature.
First signs of blocking and glimpsing the future
Last year, we played devil’s advocate and suggested a few ways network operators could try to block ECH. One of those methods was a cruder approach, which is exactly what the Russian authorities have chosen. They’re blocking known client-facing servers, like cloudflare-ech.com, essentially forcing website owners to opt out of ECH if they want to avoid their sites being broken. The blocking occurs when both of the following elements are present in the connection request:
- SNI extension with the value cloudflare-ech.com (which is a domain used to indicate the use of Cloudflare’s ECH service).
- ECH extension itself (which encrypts part of the connection handshake to enhance privacy).
If both elements are detected, the connection is blocked. The Russian internet watchdog confirmed the blocking, saying that it was triggered by Cloudflare’s move to enable the use of Encrypted Client Hello (ECH) on its services by default.
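To make the two-part structure described above concrete, and to show exactly what an on-path observer can still see when ECH is in use (the outer SNI and the mere presence of the ECH extension, but not the inner name), here is a small added Python example. It is not code from the original article or from Cloudflare; it builds a constructed, minimal TLS 1.3 Client Hello, parses its extensions the way a passive observer would, and then applies the two-condition rule the article attributes to the Russian regulator so you can see that it keys only on Cloudflare’s public name and leaves other ECH traffic alone. The ECH payload in the sample is an opaque placeholder, not real HPKE ciphertext; the extension codepoint 0xfe0d is the one used by the ECH Internet-Draft, and server_name is extension 0 from RFC 6066.

```python
import struct
from typing import Optional

# TLS extension type codepoints: server_name from RFC 6066,
# encrypted_client_hello from draft-ietf-tls-esni.
EXT_SERVER_NAME = 0x0000
EXT_ECH = 0xFE0D


def build_client_hello(outer_sni: str, ech_payload: Optional[bytes]) -> bytes:
    """Build a constructed, minimal ClientHello record (not a browser capture).

    outer_sni is what goes in the cleartext SNI extension. With ECH, the real
    site name lives inside the encrypted payload, so from here it is just bytes.
    """
    name = outer_sni.encode("ascii")
    # server_name_list: list length (2), name_type host_name (1), name length (2), name
    sni_ext = struct.pack(">HBH", len(name) + 3, 0, len(name)) + name
    exts = struct.pack(">HH", EXT_SERVER_NAME, len(sni_ext)) + sni_ext
    if ech_payload is not None:
        exts += struct.pack(">HH", EXT_ECH, len(ech_payload)) + ech_payload
    hello = (
        b"\x03\x03" + bytes(32)                  # legacy_version, random (zeroed for the sample)
        + b"\x00"                                # empty legacy_session_id
        + struct.pack(">H", 2) + b"\x13\x01"     # one cipher suite: TLS_AES_128_GCM_SHA256
        + b"\x01\x00"                            # one compression method: null
        + struct.pack(">H", len(exts)) + exts
    )
    handshake = b"\x01" + len(hello).to_bytes(3, "big") + hello   # HandshakeType client_hello
    return b"\x16\x03\x01" + struct.pack(">H", len(handshake)) + handshake


def observe_client_hello(record: bytes) -> dict:
    """Parse a ClientHello record and return only what a passive observer can learn."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack(">H", record[3:5])[0]
    body = record[5:5 + rec_len]
    if body[0] != 0x01:
        raise ValueError("not a ClientHello")
    hs_len = int.from_bytes(body[1:4], "big")
    hello = body[4:4 + hs_len]

    pos = 2 + 32                                   # skip legacy_version and random
    pos += 1 + hello[pos]                          # legacy_session_id
    cs_len = struct.unpack(">H", hello[pos:pos + 2])[0]
    pos += 2 + cs_len                              # cipher_suites
    pos += 1 + hello[pos]                          # legacy_compression_methods
    ext_total = struct.unpack(">H", hello[pos:pos + 2])[0]
    pos += 2
    end = pos + ext_total

    exts = {}
    while pos < end:
        etype, elen = struct.unpack(">HH", hello[pos:pos + 4])
        pos += 4
        exts[etype] = hello[pos:pos + elen]
        pos += elen

    sni = None
    if EXT_SERVER_NAME in exts:
        data = exts[EXT_SERVER_NAME]
        name_len = struct.unpack(">H", data[3:5])[0]
        sni = data[5:5 + name_len].decode("ascii")

    # The inner ClientHello is opaque to us: we can only report that ECH is present.
    return {"outer_sni": sni, "ech_present": EXT_ECH in exts, "extension_types": sorted(exts)}


def matches_described_rule(observation: dict) -> bool:
    """The two-condition rule the article describes: Cloudflare's public name AND ECH."""
    return observation["outer_sni"] == "cloudflare-ech.com" and observation["ech_present"]


if __name__ == "__main__":
    samples = {
        "cloudflare-ech, ECH on": build_client_hello("cloudflare-ech.com", b"\x00" * 16),
        "cloudflare-ech, ECH off": build_client_hello("cloudflare-ech.com", None),
        "other public name, ECH on": build_client_hello("example.com", b"\x00" * 16),
    }
    for label, record in samples.items():
        obs = observe_client_hello(record)
        print(f"{label}: observer sees {obs}, rule matches = {matches_described_rule(obs)}")
```

Running the sample shows the point the article makes: the observer never learns the inner site name, but the outer name and the ECH extension are enough to single out Cloudflare’s deployment while leaving ECH itself, and sites behind a different public name, untouched.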
While a more disruptive tactic would’ve been to block all ECH traffic globally, it seems the Russian regulator is focusing on blocking the specific combination of Cloudflare’s SNI extension and the ECH extension. This targeted approach doesn’t disrupt the whole protocol, just Cloudflare’s ECH implementation.
Russia isn't the only country where internet access is restricted -- China is also blocking ECH, but with a more flexible approach. And it may not stop there. There are quite a few nations that from time to time resort to blocking various services and mechanisms on the pretext of maintaining law and order. India, some European nations and countries in the Middle East are some of them. As ECH adoption grows, we can expect even more countries to start limiting it.
Let’s take it one step further and look at corporate networks. They already weren’t too happy about Encrypted DNS (a privacy-focused protocol that encrypts your DNS queries, which prevents third parties from snooping on the websites you're trying to visit), and now with ECH, things could get even trickier in their eyes. After all, their main goal is to control the traffic that flows through their systems. It's not that they’re being malicious -- it’s just that companies focused on internet security need to have control over what’s happening on their networks. So, it’s likely they’ll take a page from some governments’ playbooks and start restricting ECH as well.
What’s next
All of the above does not mean that ECH is useless and has no role to play in the internet infrastructure of tomorrow. On the contrary, it’s an essential part of it, and that’s why we have added ECH support in our Windows, Mac, and Android apps. It does have the potential to make browsing more private.
Despite some questionable technical decisions, ECH will improve privacy for many people. Along with Encrypted DNS, it will help reduce the visibility of what users are doing online, making it harder for third parties like ISPs and censors to track their activity. As with any privacy tool, it's important to note that ECH is just one part of the equation.
Besides, for ECH to truly be a game-changer, it needs to be widely adopted -- and that’s not something that will happen in the short term. It's also worth noting that some users will be left out due to restrictions imposed by governments or corporate network administrators. On top of that, some websites might not enable ECH or may opt out altogether, in order to avoid breaking things for users who are subject to these restrictions.
At the end of the day, ECH is a good mechanism, but it's not a silver bullet. It was never designed to, and won't, guarantee your privacy. If you're serious about privacy, it’s better to rely on more robust, tailored tools like a VPN.
Image Credit: Cloudflare
Andrey Meshkov is CTO, AdGuard.