68-74
NYMBLE: Blocking Misbehaving Users in Anonymizing Networks
Authors: R. Ravikumar, J. Ramesh Kumar
We present Nymble, a system in which servers can blacklist misbehaving users, thereby blocking users
without compromising their anonymity. Our system is thus agnostic to different servers' definitions of
misbehavior: servers can blacklist users for whatever reason, and the privacy of blacklisted users is
maintained. In pseudonymous credential systems, users log into Web sites using pseudonyms, which
can be added to a blacklist if a user misbehaves. Anonymous credential systems employ group
signatures. Basic group signatures allow servers to revoke a misbehaving user's anonymity by
complaining to a group manager. Anonymizing networks such as Tor allow users to access Internet
services privately by using a series of routers to hide the client's IP address from the server. The
success of such networks, however, has been limited by users employing this anonymity for abusive
purposes such as defacing popular Web sites. Web site administrators routinely rely on IP-address
blocking for disabling access to misbehaving users, but blocking IP addresses is not practical if the
abuser routes through an anonymizing network. As a result, administrators block all known exit nodes
of anonymizing networks, denying anonymous access to misbehaving and behaving users alike.
Nymble is a secure system that provides anonymous authentication, backward unlinkability,
subjective blacklisting, fast authentication speeds, rate-limited anonymous connections, and
revocation auditability (that is, users can verify whether they have been blacklisted). Nymble thus
represents a practical solution for blocking misbehaving users of anonymizing networks. The user must
first contact the Pseudonym Manager (PM) and demonstrate control over a resource; for IP-address
blocking, the user must connect to the PM directly. We assume the PM has knowledge about Tor
routers, and can ensure that users are communicating with it directly. Pseudonyms are deterministically
chosen based on the controlled resource, ensuring that the same pseudonym is always issued for the
same resource.
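
The PM step described above, as an added sketch that is not code from the paper or from the Nymble project: the user proves control of an IP address by connecting directly, and the PM derives the pseudonym deterministically from it. The `PseudonymManager` class, the use of HMAC-SHA256 as the deterministic mapping, the `nym-v1|` label and the documentation-range addresses are all assumptions made for illustration.

```python
import hashlib
import hmac
import ipaddress


class PseudonymManager:
    """Hypothetical PM: checks the connection is direct, then derives a pseudonym."""

    def __init__(self, secret_key, known_tor_routers):
        self._key = secret_key  # known only to the PM
        # The PM's knowledge of Tor routers, parsed once into address objects.
        self._tor = {ipaddress.ip_address(a) for a in known_tor_routers}

    def issue_pseudonym(self, peer_ip):
        """peer_ip is the address the PM itself observes on the connection;
        observing it directly is how control over the resource is shown."""
        addr = ipaddress.ip_address(peer_ip)  # raises ValueError on malformed input
        if addr in self._tor:
            # A connection relayed through Tor proves nothing about the user's own IP.
            raise PermissionError("peer is a known Tor router, not a direct connection")
        # Use the packed form so every spelling of one address yields one pseudonym.
        resource = addr.packed
        # Assumption: HMAC-SHA256 as the mapping. It is deterministic per resource,
        # and without the PM key nobody can enumerate the small IPv4 space to
        # recover the address behind a pseudonym.
        return hmac.new(self._key, b"nym-v1|" + resource, hashlib.sha256).hexdigest()


def demo():
    # Constructed sample data: RFC 5737 / RFC 3849 documentation addresses.
    pm = PseudonymManager(b"constructed-demo-key", {"198.51.100.7", "203.0.113.9"})
    first = pm.issue_pseudonym("192.0.2.10")
    again = pm.issue_pseudonym("192.0.2.10")      # same resource, later request
    other = pm.issue_pseudonym("192.0.2.11")      # different resource
    v6_a = pm.issue_pseudonym("2001:db8::1")
    v6_b = pm.issue_pseudonym("2001:0db8:0:0:0:0:0:1")  # same address, long form
    try:
        pm.issue_pseudonym("198.51.100.7")        # arrives via a listed Tor router
        via_tor_refused = False
    except PermissionError:
        via_tor_refused = True
    return first == again, first != other, v6_a == v6_b, via_tor_refused


if __name__ == "__main__":
    print(demo())
```

Because the mapping is deterministic, a user who reconnects from the same address cannot obtain a fresh pseudonym to escape an existing blacklist entry.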