Appendix Paper Published
7/29/2019 Appendix Paper Published
http://slidepdf.com/reader/full/appendix-paper-published 1/12
Research Article ISSN 2277–9140
Received on May 2012, Published on July 2012
INTERNATIONAL JOURNAL OF ADVANCES IN COMPUTING AND INFORMATION TECHNOLOGY
An International online open access peer reviewed journal
Blocking of Mischievous users in Anonymizing Networks using Nymble System
Mohammad Zainuddin 1, D. Baswaraj 2
1 M.Tech Student, 2 Associate Professor in CMR Institute of Technology, JNTUH
[email protected] doi:10.6088/ijacit.12.13009
ABSTRACT
There are some networks called “Anonymizing networks” which allow users to gain access to internet services without revealing their identity (IP addresses) to the servers. Networks such as “Tor (The Onion Router)”, “Crowds” and “I2P” gained popularity in the years 2002-2007, but the success of such networks has been limited by users employing this anonymity for abusive purposes such as defacing popular websites such as “Wikipedia”. Website administrators block the entire network which is connected to the abusive system to get rid of the abuser. Hence, well-behaved users also get blocked due to this action. To address this problem, we present a Nymble system in which servers can “blacklist” mischievous users without affecting good users while also maintaining anonymity across the network.
Keywords: Anonymous, privacy, revocation, pseudonym.
1. Introduction
Networks which provide anonymity to users, such as Crowds and Tor [1], [2], route traffic through independent nodes in separate administrative domains to hide the user’s IP address. The Tor network routes through a series of routers to decrease the probability of the server predicting the user’s IP address, and hence increases anonymity. But unfortunately some users have misused such networks by taking advantage of their anonymity to deface popular websites. Since website administrators cannot blacklist individual malicious users’ IP addresses, they blacklist the entire anonymizing network. Such measures will definitely eliminate malicious activity through anonymizing networks, but at the same time they result in denial of service to well-behaved users as well. In other words, a poisonous fish can kill all other fishes under that same area. (This has happened repeatedly with Tor.)
Several solutions to this problem have been proposed so far, each providing some sort of accountability. “Pseudonymous credential systems” [4] were the first step towards the control of misbehaving users in anonymous networks. The idea was introduced by “Chaum” in 1985, as a way of allowing a user to work effectively and anonymously with multiple organizations. He suggested that each organization may know a user by a different pseudonym, or simply a “nym”. In pseudonymous credential systems, users log in to websites using pseudonyms, which are added to the blacklist if a user misbehaves. Unfortunately, this method results in pseudonymity for all users and weakens the anonymity provided by the anonymizing networks. The “Anonymous Credential system” [5], [6] was introduced by Chaum, and many anonymous credential systems have been proposed since then. Basically, this system employs group signatures [7], [8] which allow servers to revoke a misbehaving user’s anonymity by
complaining to a group manager. Servers need to query the group manager for every authentication, and hence the scheme lacks scalability. For this reason, anonymous credential systems are the least used nowadays.
“Verifier-local revocation” [9] is another approach to our problem in which “Group signatures” are used. In this scheme, the server (“verifier”) is required to perform only local updates during revocation. But unfortunately, VLR requires heavy computation at the server that is linear in the size of the blacklist.
1.1 Our solution
We present a secure system called “Nymble” which provides properties such as:
• Anonymous authentication
• Backward unlinkability
• Subjective blacklisting
• Fast authentication speeds
• Rate-limited anonymous connections
• Revocation auditability
• Anti-Sybil attack
In the Nymble system [3], [11] users acquire a collection of nymbles, a special type of pseudonym, to connect to websites. Websites can blacklist users by obtaining a seed for a particular nymble, allowing them to link future nymbles from the same user, while the nymbles which were used before the complaint remain unlinkable. Hence, servers can blacklist anonymous users without knowledge of their IP addresses while allowing well-behaving users to connect anonymously. In this system, users should be aware of their blacklist status before they enter a nymble system and disconnect immediately if they are blacklisted.
Above is the Nymble system architecture, which has various modes of interaction in the network of anonymity. This system has overcome many drawbacks which arise from the previously proposed systems, including speed, computation work, security etc.
2. Development towards the appropriate solution
The major need for creation of anonymizing networks is in the field of “Department of Defence (DoD)”, in order to connect to a server privately without revealing the user’s identity. The first anonymous network was developed by Roger Dingledine, Nick Mathewson and Paul Syverson in September 2002 and it was named “Tor (The onion Router)”. Tor is a system intended to enable online anonymity. Using Tor makes it difficult to trace internet activity, “including visits to websites, online posts, instant messages and other communication forms”, and it is intended to protect users’ personal freedom, privacy and ability to conduct confidential business by keeping their internet activities from being monitored.
Above is the working of the Tor network and the encrypted nodes in that network. Apart from Tor there are many other anonymizing networks, such as:
• Crowds
• I2P [12]
• Freenet
• Phantom
2.1 Pseudonymous Credential Systems
Pseudonymity technology is technology that allows individuals to reveal or prove information about themselves to others, without revealing their full identity. A credential system is a system in which users can obtain credentials from organizations and demonstrate possession of these credentials. The idea of pseudonymous credential systems was first put forward by “Anna Lysyanskaya”, “R. L. Rivest” and “A. Sahai” in 1999, even before anonymous networks were developed. In pseudonymous credential systems, users log in to websites using pseudonyms [10]. Pseudonyms are false names used to hide users’ actual identities and maintain anonymity. Pseudonyms are generated by the Tor client program itself and they are used to log in to websites. The server maintains the blacklist of mischievous users by using the pseudonyms provided by the users.
Advantages:
• Simple to implement
• Less computational
Drawbacks:
• It results in pseudonymity for all users
• Weakens the anonymity
2.2 Anonymous Credential Systems
An anonymous credential system consists of users and organizations. Organizations know the users only by pseudonyms. The basic system comprises protocols for a user to join the system, register with an organization, obtain multi-show credentials, and show such credentials. The anonymous credential system was the innovation of “J. Camenisch” and “Anna Lysyanskaya” in the year 2001. They used the concept of “Group signatures” to make the system more efficient and anonymous. An anonymous credential system consists of three parties, i.e. users, an authority, and verifiers. These systems employ group signatures which allow servers to revoke a misbehaving user’s anonymity by complaining to a group manager.
Servers must query the group manager for every authentication and hence this system lacks scalability.
Advantages:
• Digital signatures ensure the security of the system to some extent.
Drawbacks:
• Lacks scalability
• Backward unlinkability is not possible
• Servers can find users’ IP addresses by using traceable signatures
3. Verifier-local revocation (VLR)
In order to overcome the problem of lack of backward unlinkability, VLR was proposed in 2004 by “Dan Boneh” and “Hovav Shacham”. Verifier-local revocation is an approach to membership revocation in group signatures. In this approach, only verifiers are involved in the revocation mechanism, while signers have no involvement. Thus, since signers have no load, this approach is suitable for mobile environments. This scheme satisfies backward unlinkability to some extent. Backward unlinkability means that even after a member is revoked, signatures produced by the member before the revocation remain anonymous. Verifier-local revocation requires the server (“verifier”) to perform only local updates during revocation. Hence, there will be a lot of burden on the server.
Advantages:
• Local updating is possible
• Backward unlinkability
Drawbacks:
• Heavy computation at server side
• Time consuming
• Less secure
Hence, due to the unsatisfactory results of the existing systems, we implemented the new Nymble system, which can give us the fruitful results which we need.
3.1 Our proposed solution
Previously developed systems have many drawbacks which restricted the usage of Tor and other anonymizing networks in organizations. Hence, Nymble systems are proposed in order to overcome all those weaknesses and make Tor a safe and efficient network. In Nymble, users need to acquire an ordered collection of nymbles, which are a special type of pseudonym, in order to connect to websites. There is no restriction on the type of anonymizing network used, i.e. it is not necessary that only Tor should be used here.
3.2 Overview system design
As we can see, the Nymble system has various modes of interaction between different modules.
4. Working of NYMBLE
Nymbles are generated by the “Nymble manager” based upon the pseudonym and server ID. Websites can blacklist users by obtaining a seed for a particular nymble, allowing them to link future nymbles from the same user. One important thing which can be observed in our proposed system is that even though the future nymbles of the abusive user are linked, the nymbles that were used before the complaint remain unlinkable. Hence, the Nymble system guarantees backward unlinkability.
There are basically three modules in the Nymble system. They are:
• Pseudonym Manager
• Nymble Manager
• Blacklisting a user
4.1 Pseudonym Manager
The user needs to contact the Pseudonym Manager (PM) and demonstrate control over a particular resource; for IP-address blocking, the user is required to connect to the PM directly, i.e. not through a known anonymizing network. The Pseudonym Manager has knowledge of Tor routers and hence it won’t accept a connection if a user tries to connect to it through an anonymizing network. The basic idea behind connecting directly to the Pseudonym Manager is that it can identify the IP address of the user. Pseudonyms are chosen based upon the controlled resource, ensuring that the same pseudonym is always issued for the same resource. The Pseudonym Manager only knows the IP address-pseudonym pair and hence it does not know the server to which the user wants to connect. The user contacts the Pseudonym Manager only once per linkability window (e.g. once a day). The Pseudonym Manager issues pseudonyms to users. A pseudonym “pnym” has two components, “nym” and “mac”.
“nym” is a pseudo-random mapping of the user’s identity, the linkability window w for which the pseudonym is valid, and the PM’s secret key nymKeyp.
“mac” is a MAC that the Nymble Manager uses to verify the integrity of the pseudonym.
Below are the algorithms used in the creation and verification of pseudonyms.
As we can clearly see, pseudonyms are generated based upon the user’s IP address i.e. uid, the linkability window w and the secret key.
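The pseudonym algorithms themselves are not reproduced on this page. As an added example (not the authors' code), the following Python builds pnym = (nym, mac) from uid, w and the PM's secret key, and verifies it on the Nymble Manager side. HMAC-SHA256, the field encoding, the second key macKey_NP shared by the PM and the NM, and the sample values are assumptions made for illustration.

```python
import hmac
import hashlib
from typing import NamedTuple

# Constructed demo keys (assumptions): NYM_KEY_P stands for the PM's secret key
# named on the page; MAC_KEY_NP is a hypothetical key shared by the PM and NM.
NYM_KEY_P = b"demo-nymKey-known-only-to-PM"
MAC_KEY_NP = b"demo-macKey-shared-by-PM-and-NM"


class Pseudonym(NamedTuple):
    nym: bytes
    mac: bytes


def _mac(key: bytes, *fields: bytes) -> bytes:
    # Length-prefix every field so ("ab", "c") and ("a", "bc") cannot collide.
    msg = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return hmac.new(key, msg, hashlib.sha256).digest()


def pm_create_pseudonym(uid: str, w: int) -> Pseudonym:
    """Pseudonym Manager: uid is the user's IP address, w the linkability window."""
    w_bytes = w.to_bytes(8, "big")
    nym = _mac(NYM_KEY_P, uid.encode(), w_bytes)  # pseudo-random map of (uid, w)
    mac = _mac(MAC_KEY_NP, nym, w_bytes)          # integrity tag checked by the NM
    return Pseudonym(nym, mac)


def nm_verify_pseudonym(pnym: Pseudonym, w: int) -> bool:
    """Nymble Manager: accept only an untampered pseudonym issued for window w.

    The NM sees nym and mac but never uid, so it learns nothing about the IP.
    """
    expected = _mac(MAC_KEY_NP, pnym.nym, w.to_bytes(8, "big"))
    return hmac.compare_digest(expected, pnym.mac)


if __name__ == "__main__":
    today = pm_create_pseudonym("203.0.113.7", 19)   # constructed IP and window
    print("same resource, same window :", today == pm_create_pseudonym("203.0.113.7", 19))
    print("valid in window 19         :", nm_verify_pseudonym(today, 19))
    print("replayed in window 20      :", nm_verify_pseudonym(today, 20))
```
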
4.2 Nymble Manager
After getting the pseudonym from the pseudonym manager, the user connects to the Nymble manager through the anonymizing network and requests nymbles for access to a particular server.
Nymbles are generated using the user’s pseudonym and the server’s identity. The Nymble Manager doesn’t know anything about the user’s identity. It knows only the pseudonym-server pair. The Nymble Manager encapsulates nymbles within “Nymble tickets” in order to provide cryptographic protection and security properties.
Nymble tickets are bound to specific time periods. In the Nymble system, time is divided into linkability windows of duration W, and each w is split into L time periods of duration T, i.e. W = L*T.
From the above fig, we can illustrate that future connections will become linkable for the particular current window in which the complaint is registered, and after that window the connections will be anonymous and unlinkable once again. This shows the backward unlinkable nature of our system.
Nymble tickets are generated based upon the below algorithm.
A credential contains all the Nymble tickets for a particular linkability window that a user can present to a particular server. A ticket contains a nymble specific to a server, time period and linkability window.
5. Blacklisting a user
Whenever a user misbehaves, the server can link any future connection from that user within the current linkability window (e.g. the same day). Blacklistability assures that any honest server can indeed block mischievous users. Specifically, if an honest server complains about a user that misbehaved in the current linkability window, the complaint will be successful and the user will not be able to nymble-connect to the server successfully in subsequent time periods.
In the above example, Alice tries to deface a website by using an anonymizing network and gets blacklisted by the server. Blacklisting can be implemented by using the below algorithm:
5.1 Notifying users of blacklist status
Users who make use of anonymizing networks expect their connections to be anonymous. If a server obtains a seed for that user, it can link that user’s subsequent connections. Users must be notified of their blacklisting status before they present a nymble ticket to a server. In this system, the user can download the blacklist and verify whether he/she is on the blacklist. If he/she is on the list, then the user can disconnect immediately.
In the above fig, we can see that user1 is on the blacklist of the server. Hence, whenever user1 tries to access the server, there will be a “Denial of Service” to user1.
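The ticket and blacklisting algorithms of sections 4.2 and 5 are not reproduced on this page. As an added example (not the authors' code), the Python below shows how a seed handed over at complaint time links only later nymbles of the same window. The one-way hash chain (f evolves the seed, g derives the nymble) follows the Nymble design cited as [3]; the keys, names, L = 6 and sample identifiers are assumptions.

```python
import hmac
import hashlib

L = 6  # time periods per linkability window (W = L * T); constructed value
SEED_KEY_N = b"demo-seedKey-known-only-to-NM"  # hypothetical NM secret key


def f(seed: bytes) -> bytes:
    """One-way seed evolution: seed of period i+1 from the seed of period i."""
    return hashlib.sha256(b"evolve" + seed).digest()


def g(seed: bytes) -> bytes:
    """One-way map from a period's seed to the nymble shown to the server."""
    return hashlib.sha256(b"nymble" + seed).digest()


def nm_seeds(nym: bytes, sid: bytes, w: int) -> list:
    """Nymble Manager: seeds for periods 1..L of window w for (pseudonym, server)."""
    msg = b"|".join([nym.hex().encode(), sid, str(w).encode()])
    seed = hmac.new(SEED_KEY_N, msg, hashlib.sha256).digest()
    seeds = []
    for _ in range(L):
        seeds.append(seed)
        seed = f(seed)
    return seeds


def server_link_future(seed_t: bytes, t: int) -> dict:
    """Server: from the seed for period t, derive the nymbles of periods t..L.

    f cannot be inverted, so periods before t stay out of reach.
    """
    linked = {}
    for period in range(t, L + 1):
        linked[g(seed_t)] = period
        seed_t = f(seed_t)
    return linked


def demo() -> dict:
    sid = b"wiki.example"  # constructed server identity
    alice = [g(s) for s in nm_seeds(b"alice-nym", sid, 19)]    # periods 1..L
    bob = [g(s) for s in nm_seeds(b"bob-nym", sid, 19)]
    alice_next = [g(s) for s in nm_seeds(b"alice-nym", sid, 20)]
    # Complaint handled in period 3: the NM gives the server Alice's period-3 seed.
    linked = server_link_future(nm_seeds(b"alice-nym", sid, 19)[2], 3)
    return {
        "alice_blocked": [n in linked for n in alice],
        "bob_blocked": any(n in linked for n in bob),
        "alice_next_window_blocked": any(n in linked for n in alice_next),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Alice's nymbles for periods 1 and 2 stay unlinkable (backward unlinkability), other users are unaffected, and her nymbles in the next linkability window are unlinkable again.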
5.2 User Registration
The user must first get registered with the Pseudonym Manager without using anonymizing networks.
Steps:-
• Pseudonym Manager checks if the user is allowed to register.
• Pseudonym Manager makes sure that the connection is not from a known Tor node.
• Pseudonym Manager reads the current linkability window.
• Pseudonym Manager then gives “pnym” to the user.
• Pseudonym Manager terminates with success.
• The user sets his/her status on receiving pnym and terminates with success.
5.3 Server Registration
Steps:-
• Server initiates a type-Auth channel to the Nymble Manager.
• Server registers with Nymble Manager.
• Nymble Manager makes sure that the server is not already registered.
• If it’s already registered, then Nymble Manager terminates with failure.
• If it’s not registered, then Nymble Manager reads the current time period and linkability window.
• Server, on receiving its state from the Nymble Manager, records its state and terminates with success.
Flow of Control
5.4 Goals of Nymble System
Nymble aims for four security goals. They are:
• Blacklistability
• Rate-limiting
• Anonymity
• Non-frameability
5.4.1 Blacklistability
Blacklistability assures that any honest server can indeed block misbehaving users. Specifically, if an honest server complains about a user that misbehaved in the current linkability window, the complaint will be successful and the user will not be able to “nymble-connect,” i.e., establish a Nymble-authenticated connection, to the server successfully in subsequent time periods (following the time of complaint) of that linkability window.
5.4.2 Rate-limiting
Rate-limiting assures any honest server that no user can successfully nymble-connect to it more than once within any single time period.
5.4.3 Anonymity
Anonymity protects the anonymous nature of honest users, regardless of their legitimacy according to the server.
5.4.4 Non-frameability
It guarantees that any honest user who is legitimate according to an honest server can nymble-connect to that server. This prevents an attacker from framing a legitimate honest user.
5.5 Conclusion
An efficient credential system called Nymble eliminated nearly all weaknesses and drawbacks in the previously developed systems, to revive anonymizing networks which were blocked by many service providers. Servers can blacklist mischievous users while maintaining their privacy throughout the network. Even though there are still some issues related to backward unlinkability, this system provides enormous security properties. We hope this new system will bring movement in the usage of anonymizing networks and increase the mainstream acceptance of anonymizing networks such as Tor, Crowds, I2P, etc., which have been completely blocked by several services because of users who abuse their anonymity.
6. References
1. R. Dingledine, N. Mathewson, and P. Syverson, “Tor: The Second Generation Onion Router,” Proc. Usenix Security Symp., pp. 303-320, Aug. 2004.
2. Tor Project, available at www.torproject.org, accessed during June 2012.
3. Patrick P. Tsang, Apu Kapadia, and Sean W. Smith, “Nymble: Blocking Misbehaving Users in Anonymizing Networks,” IEEE, March-April 2011.
4. A. Lysyanskaya, R.L. Rivest, A. Sahai, and S. Wolf, “Pseudonym Systems,” Proc. Conf. Selected Areas in Cryptography, Springer, pp. 184-199, 1999.
5. J. Camenisch and A. Lysyanskaya, “An Efficient System for Non-Transferable Anonymous Credentials with Optional Anonymity Revocation,” Proc. Int’l Conf. Theory and Application of Cryptographic Techniques (EUROCRYPT), Springer, pp. 93-118, 2001.
6. J. Camenisch and A. Lysyanskaya, “Signature Schemes and Anonymous Credentials from Bilinear Maps,” Proc. Ann. Int’l Cryptology Conf. (CRYPTO), Springer, pp. 56-72, 2004.
7. M. Bellare, H. Shi, and C. Zhang, “Foundations of Group Signatures: The Case of Dynamic Groups,” Proc. Cryptographer’s Track at RSA Conf. (CT-RSA), Springer, pp. 136-153, 2005.
8. D. Chaum and E. van Heyst, “Group Signatures,” Proc. Int’l Conf. Theory and Application of Cryptographic Techniques (EUROCRYPT), pp. 257-265, 1991.
9. D. Boneh and H. Shacham, “Group Signatures with Verifier-Local Revocation,” Proc. ACM Conf. Computer and Comm. Security, pp. 168-177, 2004.
10. D. Chaum, “Showing Credentials without Identification Transferring Signatures between Unconditionally Unlinkable Pseudonyms,” Proc. Int’l Conf. Cryptology (AUSCRYPT), Springer, pp. 246-264, 1990.
11. C. Cornelius, A. Kapadia, P.P. Tsang, and S.W. Smith, “Nymble: Blocking Misbehaving Users in Anonymizing Networks,” Technical Report TR2008-637, Dartmouth College, Computer Science, Dec. 2008.
12. I2P2, available at www.i2p2.de, accessed during June 2012.