Nymble: Blocking Misbehaving Users in Anonymizing Networks
Anonymizing networks such as Tor allow users to access Internet services privately by using a series of routers to hide the client’s IP address from the server. The success of such networks, however, has been limited by users employing this anonymity for abusive purposes such as defacing popular websites. Website administrators routinely rely on IP-address blocking for disabling access to misbehaving users, but blocking IP addresses is not practical if the abuser routes through an anonymizing network. As a result, administrators block all known exit nodes of anonymizing networks, denying anonymous access to misbehaving and behaving users alike. To address this problem, we present Nymble, a system in which servers can “blacklist” misbehaving users, thereby blocking users without compromising their anonymity. Our system is thus agnostic to different servers’ definitions of misbehavior — servers can blacklist users for whatever reason, and the privacy of blacklisted users is maintained.
Existing users’ credentials must be updated, making it impractical.
Verifier-local revocation (VLR) fixes this shortcoming by requiring the server (“verifier”) to perform only local updates during revocation.
Unfortunately, VLR requires heavy computation at the server that is linear in the size of the blacklist.
We present a secure system called Nymble, which provides all the following properties: anonymous authentication, backward unlinkability, subjective blacklisting, fast authentication speeds, rate-limited anonymous connections, revocation auditability (where users can verify whether they have been blacklisted), and also addresses the Sybil attack to make its deployment practical
In Nymble, users acquire an ordered collection of nymbles, a special type of pseudonym, to connect to websites. Without additional information, these nymbles are computationally hard to link, and hence using the stream of nymbles simulates anonymous access to services.
Websites, however, can blacklist users by obtaining a seed for a particular nymble, allowing them to link future nymbles from the same user — those used before the complaint remain unlinkable.
Servers can therefore blacklist anonymous users without knowledge of their IP addresses while allowing behaving users to connect anonymously. Our system ensures that users are aware of their blacklist status before they present a nymble, and disconnect immediately if they are blacklisted. Although our work applies to anonymizing networks in general, we consider Tor for purposes of exposition. In fact, any number of anonymizing networks can rely on the same Nymble system, blacklisting anonymous users regardless of their anonymizing network(s) of choice
Advantages of Proposed System:
• Blacklisting anonymous users. We provide a means by which servers can blacklist users of an anonymizing network while maintaining their privacy.
• Practical performance. Our protocol makes use of inexpensive symmetric cryptographic operations to significantly outperform the alternatives.
• Open-source implementation. With the goal of contributing a workable system, we have built an open source implementation of Nymble, which is publicly available. We provide performance statistics to show that our system is indeed practical.
1. Nymble Manager
Servers can therefore blacklist anonymous users without knowledge of their IP addresses while allowing behaving users to connect anonymously. Our system ensures that users are aware of their blacklist status before they present a nymble, and disconnect immediately if they are blacklisted. Although our work applies to anonymizing networks in general, we consider Tor for purposes of exposition. In fact, any number of anonymizing networks can rely on the same Nymble system, blacklisting anonymous users regardless of their anonymizing network(s) of choice.
2. Pseudonym Manager
The user must first contact the Pseudonym Manager (PM) and demonstrate control over a resource; for IP-address blocking, the user must connect to the PM directly (i.e., not through a known anonymizing network), ensuring that the same pseudonym is always issued for the same resource.
3. Blacklisting a user
Users who make use of anonymizing networks expect their connections to be anonymous. If a server obtains a seed for that user, however, it can link that user’s subsequent connections. It is of utmost importance, then,
that users be notified of their blacklist status before they present a nymble ticket to a server. In our system, the user can download the server’s blacklist and verify her status. If blacklisted, the user disconnects immediately.
IP-address blocking employed by Internet services. There are, however, some inherent limitations to using IP addresses as the scarce resource. If a user can obtain multiple addresses she can circumvent both nymble-based and regular IP-address blocking. Subnet-based blocking alleviates this problem, and while it is possible to modify our system to support subnet-based blocking, new privacy challenges emerge; a more thorough description is left for future work.
4. Nymble-authenticated connection
Blacklistability assures that any honest server can indeed block misbehaving users. Specifically, if an honest server complains about a user that misbehaved in the current linkability window, the complaint will be successful and the user will not be able to “nymble-connect,” i.e., establish a Nymble-authenticated connection, to the server successfully in subsequent time periods (following the time of complaint) of that linkability window.
Rate-limiting assures any honest server that no user can successfully nymble-connect to it more than once within any single time period. Non-frameability guarantees that any honest user who is legitimate according to an honest server can nymble-connect to that server. This prevents an attacker from framing a legitimate honest user, e.g., by getting the user blacklisted for someone else’s misbehavior. This property assumes each user has a single unique identity.
When IP addresses are used as the identity, it is possible for a user to “frame” an honest user who later obtains the same IP address. Non-frameability holds true only against attackers with different identities (IP addresses).
A user is legitimate according to a server if she has not been blacklisted by the server, and has not exceeded the rate limit of establishing Nymble-connections. Honest servers must be able to differentiate between legitimate and illegitimate users.
Anonymity protects the anonymity of honest users, regardless of their legitimacy according to the (possibly corrupt) server; the server cannot learn any more information beyond whether the user behind (an attempt to make) a nymble-connection is legitimate or illegitimate
PROCESSOR : PENTIUM IV 2.6 GHz
RAM : 512 MB DD RAM
MONITOR : 15” COLOR
HARD DISK : 20 GB
FLOPPY DRIVE : 1.44 MB
CDDRIVE : LG 52X
KEYBOARD : STANDARD 102 KEYS
MOUSE : 3 BUTTONS
Front End : Java, RMI, JFC (Swing)
Server : apache-tomcat-6.0.18(Web Server)
Backend : Ms-Access
Tools Used : Eclipse 3.3
Operating System: Windows XP/7
Patrick P. Tsang, Apu Kapadia, Cory Comelius and Sean W. Smith, “Nymble: Blocking Misbehaving Users in Anyonymizing Networks”, IEEE Transactions on Dependable and Secure Computing, Vol.8, No.2, March-April 2011.