Extending Nymble-like Systems

We present several extensions to the Nymble framework for anonymous blacklisting systems. First, we show how to distribute the Verinym Issuer as a threshold entity. This provides liveness against a threshold Byzantine adversary and protects against denial-of-service attacks. Second, we describe how to revoke a user for a period spanning multiple link ability windows. This gives service providers more flexibility in deciding how long to block individual users. We also point out how our solution enables efficient blacklist transferability among service providers. Third, we augment the Verinym Acquisition Protocol for Tor-aware systems (that utilize IP addresses as a unique identifier) to handle two additional cases: 1) the operator of a Tor exit node wishes to access services protected by the system, and 2) a user's access to the Verinym Issuer (and the Tor network) is blocked by a firewall. Finally, we revisit the objective blacklisting mechanism used in Jack, and generalize this idea to enable objective blacklisting in other Nymble-like systems. We illustrate the approach by showing how to implement it in Nymble and Nymbler.

[1]  Ian Goldberg,et al.  Making a Nymbler Nymble using VERBS (Extended Version) , 2010 .

[2]  Victor Shoup,et al.  Practical Threshold Signatures , 2000, EUROCRYPT.

[3]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[4]  Jan Camenisch,et al.  Practical Verifiable Encryption and Decryption of Discrete Logarithms , 2003, CRYPTO.

[5]  Nicholas Hopper,et al.  BNymble: More Anonymous Blacklisting at Almost No Cost (A Short Paper) , 2011, Financial Cryptography.

[6]  Ian Goldberg,et al.  A pseudonymous communications infrastructure for the internet , 2000 .

[7]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[8]  P ? ? ? ? ? ? ? % ? ? ? ? , 1991 .

[9]  Mihir Bellare,et al.  Fast Batch Verification for Modular Exponentiation and Digital Signatures , 1998, IACR Cryptol. ePrint Arch..

[10]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[11]  Ed Dawson,et al.  Batch zero-knowledge proof and verification and its applications , 2007, TSEC.

[12]  Stefan Brands,et al.  Restrictive Blinding of Secret-Key Certificates , 1995, EUROCRYPT.

[13]  Jan Camenisch,et al.  Efficient Group Signature Schemes for Large Groups (Extended Abstract) , 1997, CRYPTO.

[14]  Anna Lysyanskaya,et al.  Signature schemes and applications to cryptographic protocol design , 2002 .

[15]  Nicholas Hopper,et al.  Bnymble (a Short Paper) More Anonymous Blacklisting at Almost No Cost , 2010 .

[16]  Jonathan M. McCune,et al.  A Contractual Anonymity System , 2010 .

[17]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[18]  Sean W. Smith,et al.  PEREA: towards practical TTP-free revocation in anonymous authentication , 2008, CCS.

[19]  Sean W. Smith,et al.  Nymble: Anonymous IP-Address Blocking , 2007, Privacy Enhancing Technologies.

[20]  Sean W. Smith,et al.  BLAC: Revoking Repeatedly Misbehaving Anonymous Users without Relying on TTPs , 2010, TSEC.

[21]  Ian Goldberg,et al.  Making a Nymbler Nymble Using VERBS , 2010, Privacy Enhancing Technologies.

[22]  Ian Goldberg,et al.  A Survey of Anonymous Blacklisting Systems , 2010 .

[23]  Bart De Decker,et al.  A Practical System for Globally Revoking the Unlinkable Pseudonyms of Unknown Users , 2007, ACISP.

[24]  Paul Feldman,et al.  A practical scheme for non-interactive verifiable secret sharing , 1987, 28th Annual Symposium on Foundations of Computer Science (sfcs 1987).

[25]  Patrick P. Tsang,et al.  IP-address Blocking in Tor with Trusted Computing ( Short Paper : Work in Progress ) ∗ , 2006 .

[26]  Ian Goldberg,et al.  Formalizing Anonymous Blacklisting Systems , 2011, 2011 IEEE Symposium on Security and Privacy.

[27]  Moti Yung,et al.  Robust efficient distributed RSA-key generation , 1998, STOC '98.

[28]  W. Marsden I and J , 2012 .

[29]  Jiangtao Li,et al.  Enhanced Privacy ID: A Direct Anonymous Attestation Scheme with Enhanced Revocation Capabilities , 2012, IEEE Trans. Dependable Secur. Comput..

[30]  Aaas News,et al.  Book Reviews , 1893, Buffalo Medical and Surgical Journal.

[31]  Ivan Damgård,et al.  Practical Threshold RSA Signatures without a Trusted Dealer , 2000, EUROCRYPT.

[32]  Jacques Stern,et al.  Fully Distributed Threshold RSA under Standard Assumptions , 2001, ASIACRYPT.

[33]  Kevin Barraclough,et al.  I and i , 2001, BMJ : British Medical Journal.

[34]  R. Dingledine,et al.  Design of a blocking-resistant anonymity system , 2006 .

[35]  Nicholas Hopper,et al.  Jack: scalable accumulator-based nymble system , 2010, WPES '10.

[36]  Stefan A. Brands,et al.  Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy , 2000 .

[37]  Sean W. Smith,et al.  Blacklistable anonymous credentials: blocking misbehaving users without ttps , 2007, CCS '07.

[38]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .