Nymble: Blocking Misbehaving Users Inanonymizing Networks

Nymble: Blocking Misbehaving Users inAnonymizing Networks

Abstract:

Anonymizing networks such as Tor allow users to access Internet services privately by using a series of routers to hidethe client’s IP address from the server. The success of such networks, however, has been limited by users employing this anonymityfor abusive purposes such as defacing popular websites. Website administrators routinely rely on IP-address blocking for disablingaccess to misbehaving users, but blocking IP addresses is not practical if the abuser routes through an anonymizing network. As aresult, administrators block all known exit nodes of anonymizing networks, denying anonymous access to misbehaving and behavingusers alike. To address this problem, we present Nymble, a system in which servers can “blacklist” misbehaving users, thereby blockingusers without compromising their anonymity. Our system is thus agnostic to different servers’ definitions of misbehavior — servers canblacklist users for whatever reason, and the privacy of blacklisted users is maintained.

Existing System

Existing users’ credentialsmust be updated, making it impractical.

Verifier-local revocation(VLR) fixes this shortcoming by requiringthe server (“verifier”) to perform only local updatesduring revocation.

Unfortunately, VLR requires heavycomputation at the server that is linear in the size of theblacklist.

Proposed System

We present a secure system called Nymble, which providesall the following properties: anonymous authentication, backward unlinkability, subjective blacklisting,fast authentication speeds, rate-limited anonymous connections,revocation auditability (where users can verifywhether they have been blacklisted), and also addressesthe Sybil attack to make its deployment practical

In Nymble, users acquire an ordered collection ofnymbles, a special type of pseudonym, to connect towebsites. Without additional information, these nymblesare computationally hard to link,and hence using thestream of nymbles simulates anonymous access to services.

Websites, however, can blacklist users by obtaininga seed for a particular nymble, allowing them to linkfuture nymbles from the same user — those used beforethe complaint remain unlinkable.

Servers can thereforeblacklist anonymous users without knowledge of theirIP addresses while allowing behaving users to connectanonymously. Our system ensures that users are awareof their blacklist status before they present a nymble,and disconnect immediately if they are blacklisted. Althoughour work applies to anonymizing networks ingeneral, we consider Tor for purposes of exposition. Infact, any number of anonymizing networks can rely onthe same Nymble system, blacklisting anonymous usersregardless of their anonymizing network(s) of choice

Advantages of Proposed System:

• Blacklisting anonymous users. We provide a meansby which servers can blacklist users of an anonymizingnetwork while maintaining their privacy.

• Practical performance. Our protocol makes use of inexpensive symmetric cryptographic operations tosignificantly outperform the alternatives.

• Open-source implementation. With the goal of contributinga workable system, we have built an opensourceimplementation of Nymble, which is publiclyavailable. We provide performance statisticsto show that our system is indeed practical.

Implemented Modules

1. Nymble Manager

Servers can thereforeblacklist anonymous users without knowledge of theirIP addresses while allowing behaving users to connectanonymously. Our system ensures that users are awareof their blacklist status before they present a nymble,and disconnect immediately if they are blacklisted. Althoughour work applies to anonymizing networks ingeneral, we consider Tor for purposes of exposition. Infact, any number of anonymizing networks can rely onthe same Nymble system, blacklisting anonymous usersregardless of their anonymizing network(s) of choice.

2. Pseudonym Manager

The user must first contact the Pseudonym Manager (PM)and demonstrate control over a resource; for IP-addressblocking, the user must connect to the PM directly (i.e.,not through a known anonymizing network), ensuring that the same pseudonym is always issued forthe same resource.

3. Blacklisting a user

Users who make use of anonymizing networks expecttheir connections to be anonymous. If a server obtainsa seed for that user, however, it can link that user’ssubsequent connections. It is of utmost importance, then,

that users be notified of their blacklist status before theypresent a nymble ticket to a server. In our system, theuser can download the server’s blacklist and verify herstatus. If blacklisted, the user disconnects immediately.

IP-address blocking employedby Internet services. There are, however, someinherent limitations to using IP addresses as the scarceresource. If a user can obtain multiple addresses she cancircumvent both nymble-based and regular IP-addressblocking. Subnet-based blocking alleviates this problem,and while it is possible to modify our system to supportsubnet-based blocking, new privacy challenges emerge;a more thorough description is left for future work.

4. Nymble-authenticated connection

Blacklistabilityassures that any honest server can indeed block misbehaving users. Specifically, if an honest server complains about a user that misbehaved in the current linkability window, the complaint will be successful and the user will not be able to “nymble-connect,” i.e., establish a Nymble-authenticated connection, to the server successfully in subsequent time periods (following the time of complaint) of that linkability window.

Rate-limiting assures any honest server that no usercan successfully nymble-connect to it more than oncewithin any single time period.Non-frameability guarantees that any honest userwho is legitimate according to an honest server cannymble-connect to that server. This prevents an attackerfrom framing a legitimate honest user, e.g., by gettingthe user blacklisted for someone else’s misbehavior. Thisproperty assumes each user has a single unique identity.

When IP addresses are used as the identity, it is possiblefor a user to “frame” an honest user who later obtainsthe same IP address. Non-frameability holds true onlyagainst attackers with different identities (IP addresses).

A user is legitimate according to a server if she has not been blacklisted by the server, and has not exceeded therate limit of establishing Nymble-connections. Honestservers must be able to differentiate between legitimateand illegitimate users.

Anonymity protects the anonymity of honest users, regardless of their legitimacy according to the (possiblycorrupt) server; the server cannot learn any more informationbeyond whether the user behind (an attempt tomake) a nymble-connection is legitimate or illegitimate

Hardware Requirements:

PROCESSOR : PENTIUM IV 2.6 GHz

RAM :512 MB DD RAM

MONITOR :15” COLOR

HARD DISK :20 GB

FLOPPY DRIVE :1.44 MB

CDDRIVE :LG 52X

KEYBOARD :STANDARD 102 KEYS

MOUSE :3 BUTTONS

Software Requirements:

Front End : Java, RMI, JFC (Swing)

Server : apache-tomcat-6.0.18(Web Server)

Backend : Ms-Access

Tools Used : Eclipse 3.3

Operating System: Windows XP/7

REFERENCE:

Patrick P. Tsang, Apu Kapadia, Cory Comelius and Sean W. Smith, “Nymble: Blocking Misbehaving Users in Anyonymizing Networks”, IEEE Transactions on Dependable and Secure Computing, Vol.8, No.2, March-April 2011.