An Effficient System for Blacklisting Misbehaving Users in Anonymizing Networks

Shared by: ajithkumarjak47

Tags

Stats

views:: 16
posted:: 7/26/2012
language:
pages:: 5

Public Domain

Document Sample

National Conference on Role of Cloud Computing Environment in Green Communication 2012 132

An Effficient System for Blacklisting
Misbehaving Users in Anonymizing Networks
Ajitha.K#1, Micheal Jebakumari.P *2
#1
II PG Student, Dept Of CSE,
The Rajaas Engineering College, Vadakkangulam
Anna University, Thirunelveli,
TamilNadu, India.
bhadranairtvm@gmail.com

*2
Lecturer, Dept Of CSE,
The Rajaas Engineering College, Vadakkangulam
Anna University, Thirunelveli,
TamilNadu, India.
sustains such anonymity in hostile environments,
Abstract— Anonymizing networks such as Tor (The against both malicious participants
Onion Router) allow users to access Internet services
privately by using a series of routers to hide the client’s
IP address from the server. Tor is a system intended to
enable online anonymity. It is intended to protect users'
personal freedom, privacy and ability to conduct and global eavesdroppers. Most application on the
confidential business. The success of such networks, has Internet is essentially done anonymously, using
been limited by users employing this anonymity for unidentifiable pseudonyms. The online encyclopaedia
abusive purposes such as defacing popular Web sites. Wikipedia is collaboratively written mostly by
Web site administrators routinely rely on IP-address authors using either unidentifiable pseudonyms or IP
blocking for disabling access to misbehaving users, but address identifiers, although a few have used
blocking IP addresses is not practical if the abuser identified pseudonyms or their real names.
routes through an anonymizing network. As a result,
administrators block all known exit nodes of
Tor and other anonymizing networks route traffic
anonymizing networks, denying anonymous access to
misbehaving and behaving users alike. To address this through independent nodes to hide a client’s IP
problem, we present Nymble, a system in which servers address, thereby being a system intended to enable
can blacklist misbehaving users, thus blocking users online anonymity. Tor client software routes Internet
without compromising their anonymity. traffic through a worldwide volunteer network of
servers in order to conceal a user's location or usage
Keywords — Anonymous blacklisting, privacy, from someone conducting network surveillance or
revocation, credentials, unlinkability. traffic analysis. Using Tor makes it more difficult to
trace internet activity, including visits to Web sites,
online posts, instant messages and other
I. INTRODUCTION communication forms, to the user. It is intended to
protect users' personal freedom, privacy, and ability
Applications, such as e-voting, e-cash, electronic to conduct confidential business by keeping their
coupons often need to allow users to anonymously internet activities from being monitored. Onion
use these to protect privacy. If an application routing refers to the layered nature of the encryption
provider authenticates each user by receiving the service: the original data is encrypted and re-
user's signature when the user accesses it, a problem encrypted multiple times, then sent through
arises in that the provider is able to know who is successive tor relays, each one of which decrypts a
using the application. Anonymizing network provides layer of encryption before passing it on to the next
a flexible layer for sender, recipient, and relationship relay and ultimately the destination. This reduces the
anonymity, even when operating in real-time. It possibility of the original data being unscrambled or
understood in transit.

Department of CSE, Sun College of Engineering and Technology
National Conference on Role of Cloud Computing Environment in Green Communication 2012 133

Tor aims to conceal its users' identities and their blacklist if a user misbehaves. Unfortunately, this
network activity from surveillance and traffic approach results in pseudonymity for all users, and
analysis by separating identification and routing. It is weakens the anonymity provided by the underlying
an implementation of onion routing, which encrypts anonymizing network.
and then randomly bounces every communications
through a network of various relays run by 2) Anonymous Credential System
volunteers throughout the globe. These onion routers This system uses group signatures for anonymous
employ encryption in a multi-layered manner to authentication, where servers revoke a misbehaving
ensure perfect forward secrecy between relays, user’s anonymity by complaining to a group
thereby providing users with anonymity in network manager. But these systems lack scalability because
location. That anonymity extends to the hosting of servers must query the group manager for every
censorship-resistant content via Tor's anonymous authentication.
hidden service feature. By keeping some of the entry
relays secret (bridge relays), users can evade Internet 3) Traceable signatures
censorship that relies upon blocking public Tor This system allows the group manager to release a
relays. trapdoor that allows all signatures generated by a
particular user to be traced. This approach does not
Some users have misused such networks. Under provide the backward unlinkability, where a user’s
the cover of anonymity, users have repeatedly accesses before the complaint remain anonymous.
defaced popular Web sites such as Wikipedia. Since Careful attention is to be paid when and why a user
Web site administrators cannot blacklist individual must have all their connections linked, and users
malicious users’ IP addresses, they blacklist the must also worry about whether their (mis)behaviors
entire anonymizing network. Such measures will be judged fairly.
eliminate malicious activity at the cost of denying
4) Subjective Blacklisting
anonymous access to behaving users. In other words,
a few “bad apples” can spoil the fun for all. This approach is better suited to servers such as
Wikipedia, where misbehaviors such as questionable
An attack that is capable of revealing the IP edits to a webpage, are hard to define in
addresses of BitTorrent users on the Tor network is mathematical terms. In some systems, misbehavior
named as the "bad apple attack". This attack exploits can indeed be defined precisely. For instance, double-
Tor's design and takes advantage of insecure spending of an “e-coin” is considered as a
application use to associate the simultaneous usage of misbehavior in anonymous e-cash systems following
a secure application with the IP address of the Tor which the offending user is deanonymized. Such
user in question. One method of attack depends on systems work for only narrow definitions of
control of an exit node or hijacking tracker responses, misbehaviour. It is difficult to map more complex
while a secondary attack method is based in part on notions of misbehavior onto “double spending” or
the statistical exploitation of distributed hash table related approaches.
tracking. 5) Dynamic Accumulators
This attack against Tor consists of two parts: In this approach a revocation operation results in a
 exploiting an insecure application to reveal new accumulator and public parameters for the
the group, and all other existing users’ credentials must
source IP address of a Tor user be updated. But these systems are difficult to manage
in practical settings.
 exploiting Tor to associate the usage of a
secure 6) Verifier- Local Revocation(VLR)
application with the IP address of a user.
This approach requires that the server (“verifier”)
perform only local updates during revocation. VLR
II. EXISTING SYSTEMS requires heavy computation at the server that is linear
in the size of the blacklist.
There are several solutions to the presented
problem that provide some degree of accountability. III. PROPOSED SYSTEM
1) Pseudonymous Credential System
In this system the users are required to log into A. Our Solution
websites using pseudonyms, which can be added to a

Department of CSE, Sun College of Engineering and Technology
National Conference on Role of Cloud Computing Environment in Green Communication 2012 134

operations to significantly outperform the
The proposed system presents a secure system alternatives.
called Nymble, which provides all the following
properties: anonymous authentication, backward
unlinkability, subjective blacklisting, fast
authentication speeds, rate limited anonymous B. Architecture
connections, revocation auditability (where users can
verify whether they have been blacklisted), and also The architecture shows the various modes of
addresses the Sybil attack to make its deployment interaction.
practical.

In Nymble, users acquire an ordered collection of
nymbles, a special type of pseudonym, to connect to
websites. Without additional information, these
nymbles are computationally hard to link, and hence
using the stream of nymbles simulates anonymous
access to services. Websites can blacklist users by
obtaining a seed for a particular nymble, allowing
them to link future nymbles from the same user,
those used before the complaint remain unlinkable.
Servers can therefore blacklist anonymous users
without knowledge of their IP addresses while
allowing behaving users to connect anonymously.

The system ensures that users are aware of their
blacklist status before they present a nymble, and
disconnect immediately if they are blacklisted.
Although the work applies to anonymizing networks
in general, consider Tor for purposes of exposition.
In fact, any number of anonymizing networks can
rely on the same Nymble system, blacklisting Fig. 1 Nymble system architecture
anonymous users regardless of their anonymizing
network(s) of choice.
The user must first contact the Pseudonym
The proposed system makes the following Manager (PM) and demonstrate control over a
contributions: resource; for IP-address blocking, the user is required
to connect to the PM directly (i.e., not through a
 Blacklisting anonymous users: The known anonymizing network), as shown in Fig:1 .
system provides a means by which We assume the PM has knowledge about Tor routers,
servers can blacklist users of an for example, and can ensure that users are
anonymizing network while maintaining communicating with it directly.
their privacy.
Pseudonyms are deterministically chosen based on
 Practical performance: The system will the controlled resource, ensuring that the same
see widespread adoption only if its pseudonym is always issued for the same resource.
performance is acceptable at the server. Note that the user does not disclose what server he or
Our protocol makes use of inexpensive she intends to connect to, and therefore the user’s
symmetric cryptographic operations to connections are anonymous to the PM. The PM’s
significantly outperform the alternatives. duties are limited to mapping IP addresses to
pseudonyms. The user contacts the PM only once per
 Open-source implementation: The linkability window (e.g., once a day).
system will see widespread adoption only
if its performance is acceptable at the After obtaining a pseudonym from the PM, the
user connects to the Nymble Manager (NM) through
server. The protocol makes use of
the anonymizing network, and requests nymbles for
inexpensive symmetric cryptographic
access to a particular server (such as Wikipedia).

Department of CSE, Sun College of Engineering and Technology
National Conference on Role of Cloud Computing Environment in Green Communication 2012 135

Nymbles are generated using the user’s pseudonym
and the server’s identity. The user’s connections,
therefore, are pseudonymous to the NM (as long as
the PM and the NM do not collude) since the NM
knows only the pseudonym-server pair, and the PM
knows only the IP address-pseudonym pair. Due to
the pseudonym assignment by the PM, nymbles are
bound to the user’s IP address and the server’s
identity.

To provide the requisite cryptographic protection
and security properties (e.g., users should not to be
able to fabricate their own nymbles), the NM
encapsulates nymbles within nymble tickets. Servers
wrap seeds into linking tokens and are being used to
link future nymble tickets. Nymble tickets are bound
to specific time periods. The system time is divided
into linkability windows of duration W, each of Fig. 2 The life cycle of a misbehaving user
which is split into L time periods of duration T (i.e.,
W = L* T ). Time periods and linkability windows
are referred as t1, t2, . . . , tL and w1, w2, . . . Servers update their blacklists for the current time
respectively. period for two purposes. First, the server needs to
provide the user with its blacklist (and blacklist
While a user’s access within a time period is tied certificate) for the current time period during a
to a single nymble ticket, the use of different nymble Nymble-connection establishment. Second, the server
tickets across time periods grants the user anonymity needs to be able to blacklist the misbehaving users by
between time periods. The smaller time periods processing the newly filed complaints (since last
provide users with higher rates of anonymous update).
authentication, and likewise longer time periods rate-
limit the number of misbehaviors from a particular The procedure for updating blacklists (and their
user before he or she is blocked. certificates) differs depending on whether complaints
are involved. At a high level, there are two cases:
The linkability window serves two purposes:
1) Without Complaints: When there is no
 It allows for dynamism since resources such complaint
as IP (i.e., the server’s complaint-tickets is empty),
addresses can get reassigned to different blacklists stay unchanged; the certificates need only a
well- “light refreshment.”
behaved users, making it undesirable to
blacklist 2) With Complaints: When there are
such resources indefinitely. complaints, on
 It ensures forgiveness of misbehavior after a the other hand, new entries are added to the blacklists
certain and certificates need to be regenerated.
period of time.

If at some later time the server desires to blacklist
IV. CONCLUSION
the user behind a Nymble-connection, during the
establishment of which the server collected ticket
from the user, the server files The work deals with blacklisting anonymous
a complaint by appending ticket to complaint-tickets authentication for limiting Sybil attack by means of
in its server state. Filed complaints are batched up. random numbers called nymbles. It incorporates all
They are processed during the next blacklist update. the advantages of anonymous credential systems and
pseudonymous credential systems. Servers can
blacklist misbehaving users while maintaining their
The life cycle of a misbehaving user is as shown in privacy and the work shows how these properties can
Fig 2. be attained in a way that is practical, efficient, and

Department of CSE, Sun College of Engineering and Technology
National Conference on Role of Cloud Computing Environment in Green Communication 2012 136

sensitive to the needs of both users and services. We (ASIACRYPT), Springer, pp. 533-548, 2005. 268 IEEE
TRANSACTIONS ON DEPENDABLE AND SECURE
hope that the proposed work will increase the
COMPUTING, VOL. 8, NO. 2, MARCH-APRIL 2011
mainstream acceptance of anonymizing networks [17] I. Teranishi, J. Furukawa, and K. Sako, “k-Times
such as Tor, which has, thus far, been Anonymous Authentication (Extended Abstract),” Proc.
completely blocked by several services because of Int’l Conf. Theory and Application of Cryptology and
Information Security (ASIACRYPT), Springer, pp. 308-
users who abuse their anonymity.
322, 2004.
[18] P.P. Tsang, M.H. Au, A. Kapadia, and S.W. Smith,
“Blacklistable Anonymous Credentials: Blocking
REFERENCES Misbehaving Users without TTPs,” Proc. 14th ACM Conf.
[1] Patric P. Tsang, Apu Kapadia, Corny Cornelius, Sean W Computer and Comm. Security (CCS ’07), pp. 72-81, 2007.
Smith “Nymble: Blocking Misbehaving Users in
Anonymizing Network” IEEE Transactions on Dependable
and Secure Computing, March-April 2011.
[2] G. Ateniese, J. Camenisch, M. Joye, and G. Tsudik, “A
Practical and Provably Secure Coalition-Resistant Group
Signature, Scheme,” Proc. Ann. Int’l Cryptology Conf.
(CRYPTO), Springer, pp. 255-270, 2000.
[3] M. Bellare, R. Canetti, and H. Krawczyk, “Keying Hash
Functions for Message Authentication,” Proc. Ann. Int’l
Cryptology Conf. (CRYPTO), Springer, pp. 1-15, 1996.
[4] M. Bellare, H. Shi, and C. Zhang, “Foundations of Group
Signatures: The Case of Dynamic Groups,” Proc.
Cryptographer’s Track at RSA Conf. (CT-RSA), Springer,
pp. 136-153, 2005.
[5] D. Boneh and H. Shacham, “Group Signatures with
Verifier-Local Revocation,” Proc. ACM Conf. Computer
and Comm. Security, pp. 168-177, 2004.
[6] E. Bresson and J. Stern, “Efficient Revocation in Group
Signatures,” Proc. Conf. Public Key Cryptography,
Springer, pp. 190-206, 2001.
[7] J. Camenisch and A. Lysyanskaya, “An Efficient System for
Non- Transferable Anonymous Credentials with Optional
Anonymity Revocation,” Proc. Int’l Conf. Theory and
Application of Cryptographic Techniques (EUROCRYPT),
Springer, pp. 93-118, 2001.
[8] J. Camenisch and A. Lysyanskaya, “Dynamic Accumulators
and Application to Efficient Revocation of Anonymous
Credentials,” Proc. Ann. Int’l Cryptology Conf. (CRYPTO),
Springer, pp. 61-76, 2002
[9] J. Camenisch and A. Lysyanskaya, “Signature Schemes and
Anonymous Credentials from Bilinear Maps,” Proc. Ann.
Int’l Cryptology Conf. (CRYPTO), Springer, pp. 56-72,
2004
[10] C. Cornelius, A. Kapadia, P.P. Tsang, and S.W. Smith,
“Nymble: Blocking Misbehaving Users in Anonymizing
Networks,” Technical Report TR2008-637, Dartmouth
College, Computer Science, Dec. 2008.
[11] R. Dingledine, N. Mathewson, and P. Syverson, “Tor: The
Second- Generation Onion Router,” Proc. Usenix Security
Symp., pp. 303- 320, Aug. 2004.
[12] J.R. Douceur, “The Sybil Attack,” Proc. Int’l Workshop on
Peer-to- Peer Systems (IPTPS), Springer, pp. 251-260,
2002.
[13] J.E. Holt and K.E. Seamons, “Nym: Practical Pseudonymity
for Anonymous Networks,” Internet Security Research Lab
Technical Report 2006-4, Brigham Young Univ., June
2006.
[14] P.C. Johnson, A. Kapadia, P.P. Tsang, and S.W. Smith,
“Nymble: Anonymous IP-Address Blocking,” Proc. Conf.
Privacy Enhancing Technologies, Springer, pp. 113-133,
2007.
[15] A. Lysyanskaya, R.L. Rivest, A. Sahai, and S. Wolf,
“Pseudonym Systems,” Proc. Conf. Selected Areas in
Cryptography, Springer, pp. 184-199, 1999.
[16] T. Nakanishi and N. Funabiki, “Verifier-Local Revocation
Group Signature Schemes with Backward Unlinkability
from Bilinear Maps,” Proc. Int’l Conf. Theory and
Application of Cryptology and Information Security

Department of CSE, Sun College of Engineering and Technology