pro
TRANSCRIPT
1
NYMBLE: BLOCKING MISBEHAVING USERS IN ANONYMIZING NETWORKS
Under the guidance of:
Mr.Chandrashekhar.Adki Submitted By:
Smita (3AE08CS038)Supriya (3AE08CS041)Saba (3AE07CS041)Sarojini (3AE07CS037)
2
CONTENTS• Abstract• Existing system and its drawbacks.• Proposed system• Requirements• Modules• Properties• Blacklisting• Advantages• Disadvantages• Conclusion• References
3
ABSTRACT
Anonymizing networks such as Tor allow users to access Internet services privately by using a series of routers to hide the client’s IP address from the server. The success of such networks, however, has been limited by users employing this anonymity for abusive purposes such as defacing popular Web sites. To address this problem, we present Nymble, a system blocking users without compromising their anonymity
4
EXISTING SYSTEM
•Anonymous credential systems employ group
signatures. Basic group signatures allow servers
to revoke a misbehaving user’s anonymity by
complaining to a group manager
• Verifier-local revocation (VLR) fixes this
shortcoming by requiring the server (“verifier”)
to perform only local updates during revocation
5
DRAWBACKS OF EXISTING SYSTEM
•Unfortunately, VLR requires heavy
computation at the server
•Also the privacy of the user is not
maintained
•The speed of authentication in the VLR
systems was also an issue
6
THE PROPOSED SYSTEM
•To address all the problems faced by the
previous system a secure system called Nymble
was proposed
• In Nymble, users acquire an ordered collection
of nymbles, using the stream of nymbles
simulates anonymous access to services
7
THE PROPOSED SYSTEM(Contd..)
•Servers can blacklist anonymous users
without knowledge of their IP addresses
while allowing behaving users to connect
anonymously
• The system ensures that users are aware
of their blacklist status before they present
a nymble
8
THE NYMBLE SYSTEM
9
HARDWARE REQUIREMENTS•PROCESSOR :PENTIUM IV 2.6
GHz•RAM :512 MB DD RAM•MONITOR :15” COLOR•HARD DISK :20 GB•FLOPPY DRIVE :1.44 MB•CDDRIVE :LG 52X•KEYBOARD :STANDARD 102
KEYS•MOUSE :3 BUTTONS
10
SOFTWARE REQUIREMENTS
•Front End : Java, RMI, JFC (Swing)
•Server : apache-tomcat-6.0.18(Web Server)
•Backend : Ms-Access•Tools Used : Eclipse 3.3•Operating System : Windows XP/7
11
MODULES
1. Pseudonym Manager:
• The user must first contact the Pseudonym
Manager (PM) and demonstrate control over a
resource
• Pseudonyms are deterministically chosen based
on the controlled resource, ensuring that the
same pseudonym is always issued for the same
resource
12
MODULES(CONTD…)
2.Nymble Manager:
•After obtaining a pseudonym from the
PM, the user connects to the Nymble
Manager (NM) through the anonymizing
network, and requests nymbles for access
to a particular server
13
MODULES(CONTD…)
3. Blacklisting a user:
• If a user misbehaves, the server may link
any future connection from this user within
the current linkability window
• The ip address of misbehaving user is put
into the server’s blacklist without
disclosing the identity of the user
14
MODULES(CONTD…)
4.Resource-Based Blocking
•To limit the number of identities a user
can obtain (called the Sybil attack ), the
Nymble system binds Nymble to
resources that are sufficiently difficult to
obtain in great numbers
15
PROPERTIES
1. Blacklistability : It assures that any
honest server can indeed block
misbehaving users. If a user misbehaves
then he is immediately blacklisted by the
server
16
PROPERTIES(CONTD…)
•Rate-limiting : It assures any honest
server that no user can successfully
nymble-connect to it more than once
within any single time period
17
PROPERTIES(CONTD…)
•Nonframeability: It guarantees that any
honest user who is legitimate according to
an honest server can nymble-connect to
that server. This prevents an attacker from
framing a legitimate honest user
•This property assumes each user has a
single unique identity
18
PROPERTIES(CONTD…)
•Revocation Audibility
This property enables the users
to know its blacklist status as in when
they needs to know it
19
Blacklisting a user
•If a user misbehaves, the server may link
any future connection from this user
within the current linkability window (e.g.,
the same day)
20
21
ADVANTAGES
1.Non Frameability :
•Any legitimate user cannot be framed by a
dishonest user
•If the users share the same IP address
then a user can be framed
22
ADVANTAGES(CONTD…)
2. Anonymity:
•Anonymity of the user is not lost.
•That is, using Nymble systems the privacy
of the users identity is highly maintained
in the anonymous networks
23
ADVANTAGES(CONTD…)
3.Across multiple linkability windows
•With multiple linkability windows, our
Nymble construction still has
Accountability and Non frame ability
because each ticket is valid for and only
for a specific linkability window
24
DISADVANTAGE:
•In case of user misbehavior, it is difficult
to identify the original culprits
• IP address are neither permanent nor
necessarily permanent
25
CONCLUSIONS
A comprehensive credential system
called Nymble, which can be used to add
a layer of accountability to any publicly
known anonymizing network
26
References
• [1] J. Camenisch and A. Lysyanskaya, “Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials,” Proc. Ann. Int’l Cryptology Conf. (CRYPTO), Springer, pp. 61-76, 2002.
• [2] J. Camenisch and A. Lysyanskaya, “Signature Schemes and Anonymous Credentials from Bilinear Maps,” Proc. Ann. Int’l Cryptology Conf. (CRYPTO), Springer, pp. 56-72, 2004.
• [3] C. Cornelius, A. Kapadia, P.P. Tsang, and S.W. Smith, “Nymble: Blocking Misbehaving Users in Anonymizing Networks,” Technical Report TR2008-637, Dartmouth College, Computer Science, Dec. 2008.
• http://java.sun.com• http://www.sourcefordgde.com• http://www.networkcomputing.com/• http://www.roseindia.com/• http://www.java2s.com/
27
THANK YOU