PERM: Practical Reputation-Based Blacklisting without TTPs

BLACR: TTP-Free Blacklistable Anonymous Credentials with Reputation

2011

Abstract: Anonymous authentication can give users the license to misbehave since there is no fear of retribution. As a deterrent, or means to revocation, various schemes for accountable anonymity feature some kind of (possibly distributed) trusted third party (TTP) with the power to identify or link misbehaving users.

PEREA: Practical TTP-free revocation of repeatedly misbehaving anonymous users

2011

Abstract: Several anonymous authentication schemes allow servers to revoke a misbehaving user's ability to make future accesses. Traditionally, these schemes have relied on powerful Trusted Third Parties (TTPs) capable of deanonymizing (or linking) users' connections. Such TTPs are undesirable because users' anonymity is not guaranteed, and users must trust them to judge misbehaviors fairly.

Evaluating the Working of Blocking Misbehaving Users in Anonymous N/Ws

2012

Several anonymous authentication schemes allow servers to revoke a misbehaving user’s ability to make future accesses. Traditionally, these schemes have relied on powerful Trusted Third Parties (TTPs) capable of deanonymizing (or linking) users’ connections. Recent schemes such as Blacklistable Anonymous Credentials and Enhanced Privacy ID support “privacy-enhanced revocation”: servers can revoke misbehaving users without a TTP’s involvement, and without learning the revoked users’ identities. In BLAC and EPID, however, the computation required for authentication at the server is linear in the size of the revocation list. We propose a new anonymous authentication scheme for which this bottleneck computation is independent of the size of the revocation list. Instead, the time complexity of authentication is linear in the size of a revocation window, the number of subsequent authentications before which a user’s misbehavior must be recognized if the user is to be revoked. We prove the security of our construct...

Secure system to Anonymous Blacklisting

In this paper, a secure system that adds a layer of accountability to any publicly known anonymizing network is proposed. Servers can blacklist misbehaving users while maintaining their privacy, and this system shows how these properties can be attained in a way that is practical, efficient, and sensitive to the needs of both users and services. This work will increase the mainstream acceptance of anonymizing networks such as Tor, which has, thus far, been completely blocked by several services because of users who abuse their anonymity. In future, the Nymble system can be extended to support subnet-based blocking. If a user can obtain multiple addresses, then nymble-based and regular IP-address blocking is not supported. In such a situation subnet-based blocking is used. Other resources, including email addresses, client puzzles and e-cash, can be used, which could provide more privacy. The system can also be enhanced by supporting varying time periods.

AN APPROACH TO REVOKE BLACKLISTED ANONYMOUS CREDENTIAL USERS THROUGH TTP

iaeme

Many of us use the Internet on a daily basis for purposes ranging from accessing information to electronic commerce and e-banking to interactions with government bodies. This requires that transactions are securely authenticated, and that we protect privacy by not revealing more about ourselves than necessary. Anonymous credentials promise to address both of these seemingly opposing requirements at the same time. Anonymous authentication can give users the ability to misbehave since there is no fear of retribution. To tackle such misbehaving users, several schemes have been proposed that strike different tradeoffs between privacy and accountability. In this paper, we significantly make an attempt to generalize the basic form of revocation amounting to “revoke anybody on the blacklist” immediately through our proposed scheme. Depending on the type of misbehaving action, we also consider revocation based on the threshold value of the number of negative credits of a user.

BLAC: Revoking repeatedly misbehaving anonymous users without relying on TTPs

2010

Abstract: Several credential systems have been proposed in which users can authenticate to service providers anonymously. Since anonymity can give users the license to misbehave, some variants allow the selective deanonymization (or linking) of misbehaving users upon a complaint to a Trusted Third Party (TTP). The ability of the TTP to revoke a user's privacy at any time, however, is too strong a punishment for misbehavior.

Anonymous Authentication Backward Unlinkability, Subjective Blacklisting, rate-limited Anonymous Connections (secure system)

IJARCSSE, 2013

ion, backward unlinkability, subjective blacklisting, fast authentication speeds, rate-limited anonymous connections, revocation auditability (where users can verify whether they have been blacklisted), and also addresses the Sybil attack to make its deployment practical. In Nymble, users acquire an ordered collection of nymbles, a special type of pseudonym, to connect to Web sites. Without additional information, these nymbles are computationally hard to link, and hence, using the stream of nymbles simulates anonymous access to services. Web sites, however, can blacklist users by obtaining a seed for a particular nymble, allowing them to link future nymbles from the same user; those used before the complaint remain unlinkable. Servers can therefore blacklist anonymous users without knowledge of their IP addresses while allowing behaving users to connect anonymously. Our system ensures that users are aware of their blacklist status before they present a nymble, and disconnect immediately if they are blacklisted. Although our work applies to anonymizing networks in general, we consider Tor for purposes of exposition. In fact, any number of anonymizing networks can rely on the same Nymble system, blacklisting anonymous users regardless of their anonymizing network(s) of choice.

NYMBLE: Providing Anonymity to Users and Blocking Misbehaving Users

2014

In this paper we present an anonymous network named "NYMBLE". In this network, users can access the network without providing their IP address. Their IP address will be hidden, and any user misbehaving in the network will be blocked when a complaint is received against the user. The system which we aim to develop in this project is the Nymble System Commanded by Desktop Application. The aim of this project is to create an anonymous network. In this network the IP address of the user will be hidden to provide anonymity and also to block access to misbehaving users in the anonymous network. Here, we present a system, "Nymble", in which servers can blacklist the misbehaving users, that is, blocking users without compromising their anonymity. There are many anonymous networks which allow users to access Internet services privately by using a series of routers, for example "TOR". These routers hide the client's IP address from the server. The success of these...

NYMBLE: Blocking Misbehaving Users in Anonymizing Networks

Nymble, a system in which servers can blacklist misbehaving users, thereby blocking users without compromising their anonymity. Our system is thus agnostic to different servers' definitions of misbehavior; servers can blacklist users for whatever reason, and the privacy of blacklisted users is maintained. In pseudonymous credential systems, users log into Web sites using pseudonyms, which can be added to a blacklist if a user misbehaves. Anonymous credential systems employ group signatures. Basic group signatures allow servers to revoke a misbehaving user's anonymity by complaining to a group manager. Anonymizing networks such as Tor allow users to access Internet services privately by using a series of routers to hide the client's IP address from the server. The success of such networks, however, has been limited by users employing this anonymity for abusive purposes such as defacing popular Web sites. Web site administrators routinely rely on IP-address blocking for disabling access to misbehaving users, but blocking IP addresses is not practical if the abuser routes through an anonymizing network. As a result, administrators block all known exit nodes of anonymizing networks, denying anonymous access to misbehaving and behaving users alike. A secure system called Nymble provides anonymous authentication, backward unlinkability, subjective blacklisting, fast authentication speeds, rate-limited anonymous connections, and revocation auditability (that is, users can verify whether they have been blacklisted). Nymble thus represents a practical solution for blocking misbehaving users of anonymizing networks. The user must first contact the Pseudonym Manager (PM) and demonstrate control over a resource; for IP-address blocking, the user must connect to the PM directly. We assume the PM has knowledge about Tor routers, and can ensure that users are communicating with it directly. Pseudonyms are deterministically chosen based on the controlled resource, ensuring that the same pseudonym is always issued for the same resource.