Abstract

In this paper, we develop a new system to enable service providers, such as website operators, on the Internet to restrict past abusive users of anonymizing networks (for example, Tor) from further causing trouble behavior, without compromising their security, and while maintain the security of all of the uncorruptusers. This system provides a security-preserving analogy of IP address banning, and is modeled after the well-known Nymble system. Nymble is a system that provides a restricting mechanism to a server to protect it from unauthorized users connecting through anonymizing networks such as Tor. Anonymous networks allow anyone to visit the public locations of the network. With this users access the Internet services through a series of routers. , this hides the user’s fact of remaining the same one and IP address from the server. This is the advantage for the disruptive behaviouring users to destroy popular websites. To avoid this, servers may try to block the bad user, but it is not possible in case of anonymous networks. In such categories, if the abuser routes through to carry outnetwork, administrators restrict all known exit nodes of to carry out networks, denying anonymous access to disruptivemisbehaving and behaving users. Toconflict this problem, a nymble system is designed in which servers can suspicion the bad users without compromising their quality. This paper explains the idea that the different service providers have different suspicioning policies. For example, Wikipedia might want to obstruction a user one day for the first disruptivemisbehavior, one week for the second one, etc. In order to do this, we have to propose a dynamic link ability window whose length can be increased exponentially. Thus, at the start of each likability window, all service providers must reset their suspicions and forgive all prior disruptivemisbehavior. Keywords:Anonymous blacklisting, security, revocation, Psedonymous systems, anonymous credential systems.

References

[1] Johnson, P.C., Kapadia, A., Tsang, P.P., Smith, S.W.: Nymble: Anonymous IP-address blocking. In: Borisov, N., Golle, P. (eds.) Privacy Enhancing Technologies. Lecture Notes in Computer Science, vol. 4776, pp. 113{133. Springer (June 2007)

[2] B. Gedik and L. Liu, “Protecting location privacy with personalized k-anonymity: Architecture and algorithms,” IEEE TMC,vol. 7, no. 1, pp. 1.18, 2008.

[3] Holt, J.E., Seamons, K.E.: Nym: Practical pseudonymity for anonymous networks. Internet Security Research Lab Technical Report 2006-4, Brigham Young University, Provo, UT, USA (June 2006)

[4] Brickell, E., Li, J.: Enhanced Privacy ID: A direct anonymous attestation scheme with enhanced revocation capabilities. In: Ning, P., Yu, T. (eds.) WPES. pp. 21{30. ACM (2007)

[5]Dingledine, R. harma@freehaven.neti: Re: Banned from Slashdot, http://archives.seul.org/or/talk/Jun2005/msg00002.html, [Private e-mail message to Jamie McCarthy; 01-June-2005.

[6] J. Feigenbaum, A. Johnson, and P.F. Syverson, “A Model of Onion Routing with Provable Anonymity,” Proc. Conf. Financial Cryptography, Springer, pp. 57-71, 2007.

[7] Lewman, A. handrew@torproject.orgi: Re: Talking w/local service CEOs [LJ, goog...], http://marc.info/?l=tortalk&m=126137307104914&w=2, [Private e-mail message to hgrarpamp@gmail.comi; 21-December2009]

[8] C. Cornelius, A. Kapadia, P.P. Tsang, and S.W. Smith, “Nymble: Blocking Misbehaving Users in Anonymizing Networks,” Technical Report TR2008-637, Dartmouth College, Computer Science, Dec. 2008.

[9] CmdrTaco: Slashdot FAQ - accounts, http://slashdot.org/faq/accounts.shtml#ac900, [Online; accessed 11-January-2010; modified 02-July-2002]

[10] D. Chaum, “Showing Credentials without Identification Transfeering Signatures between Unconditionally Unlinkable Pseudonyms,” Proc. Int’l Conf. Cryptology (AUSCRYPT), Springer, pp. 246-264, 1990.