论文信息 - BNymble: More Anonymous Blacklisting at Almost No Cost (A Short Paper)

BNymble: More Anonymous Blacklisting at Almost No Cost (A Short Paper)

Anonymous blacklisting schemes allow online service providers to prevent future anonymous access by abusive users while preserving the privacy of all anonymous users (both abusive and non-abusive). The first scheme proposed for this purpose was Nymble, an extremely efficient scheme based only on symmetric primitives; however, Nymble relies on trusted third parties who can collude to de-anonymize users of the scheme. Two recently proposed schemes, Nymbler and Jack, reduce the trust placed in these third parties at the expense of using less-efficient asymmetric crypto primitives. We present BNymble, a scheme which matches the anonymity guarantees of Nymbler and Jack while (nearly) maintaining the efficiency of the original Nymble. The key insight of BNymble is that we can achieve the anonymity goals of these more recent schemes by replacing only the infrequent "User Registration" protocol from Nymble with asymmetric primitives. We prove the security of BNymble, and report on its efficiency.

Nicholas Hopper | Peter Lofgren | P. Lofgren | Nicholas Hopper

[1] Nick Mathewson,et al. Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[2] Sean W. Smith,et al. Nymble: Blocking Misbehaving Users in Anonymizing Networks , 2011, IEEE Transactions on Dependable and Secure Computing.

[3] David Chaum,et al. Security without identification: transaction systems to make big brother obsolete , 1985, CACM.

[4] Chanathip Namprempre,et al. The One-More-RSA-Inversion Problems and the Security of Chaum's Blind Signature Scheme , 2003, Journal of Cryptology.

[5] Sean W. Smith,et al. Nymble: Anonymous IP-Address Blocking , 2007, Privacy Enhancing Technologies.

[6] Jiangtao Li,et al. Enhanced Privacy ID: A Direct Anonymous Attestation Scheme with Enhanced Revocation Capabilities , 2007, IEEE Transactions on Dependable and Secure Computing.

[7] Sean W. Smith,et al. PEREA: towards practical TTP-free revocation in anonymous authentication , 2008, CCS.

[8] Nicholas Hopper,et al. Jack: scalable accumulator-based nymble system , 2010, WPES '10.

[9] Ian Goldberg,et al. Extending Nymble-like Systems , 2011, 2011 IEEE Symposium on Security and Privacy.

[10] Sean W. Smith,et al. BLAC: Revoking Repeatedly Misbehaving Anonymous Users without Relying on TTPs , 2010, TSEC.

[11] Sean W. Smith,et al. Blacklistable anonymous credentials: blocking misbehaving users without ttps , 2007, CCS '07.

[12] Ian Goldberg,et al. Making a Nymbler Nymble Using VERBS , 2010, Privacy Enhancing Technologies.