Anonymity without Anonymity without Sacrificing Sacrificing Performance Performance Enhanced Nymble System with Distributed Architecture CS 858 Project Presentation Omid Ardakanian * Nam Pham * *David R. Cheriton School of Computer Science, University of Water
25
Embed
Anonymity without Sacrificing Performance Enhanced Nymble System with Distributed Architecture CS 858 Project Presentation Omid Ardakanian * Nam Pham *
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Anonymity without Anonymity without Sacrificing Performance Sacrificing Performance Enhanced Nymble System with Distributed Architecture
CS 858 Project PresentationOmid Ardakanian*
Nam Pham*
*David R. Cheriton School of Computer Science, University of Waterloo
OutlineOutline Introduction
◦ Review of Nymble
◦ New goals
Ring Signature for dummies!
Proposed Solution
◦ Distributed Pseudonym Manager
◦ Distributed Nymble Manager
Analysis
Future Work
Summary
Review of NymbleReview of Nymble
Nymble WeaknessesNymble Weaknesses
Collusion between NM and PM◦De-anonymizes the network
◦Reveals user behavior
TTPs are single point of failureScalability problem
Related WorkRelated WorkBLacklistable Anonymous Credential
(BLAC)
◦ Pros: Eliminates the reliance of TTPs
◦ Cons: Suffers from severe bottleneck at the side of Service Providers
PEREA
◦ Pros: Computation is linear in the size of the blacklist
◦ Cons: Performance is still a problem
New goalsNew goals
Maintaining security properties of original Nymble Design◦Mis-authentication resistance
◦Blacklistability
◦Anonymity and Non-frameability
Enhancements◦Unconditional Anonymity
◦Scalability & Robustness
Proposed SolutionsProposed Solutions
Consists of two main parts:
◦Distributing Pseudonym Manager
◦Distributing Nymble Manager
Ring SignatureRing Signature
By Rivest, Shamir and Tauman◦A group member can sign a message
on behalf of the group without revealing her identity.
◦Ring signature is created on demand! No setup procedure or agreement
How should we generate the seed?◦ S1: Ask another NM to create the hash of
server id with his own key Seed will not be unique
◦ S2: Ask another NM to create the hash of server id with the shared key Vulnerable to brute force attack
AnalysisAnalysisOur Solution:
◦Provides collusion prevention without eliminating TTPs No proof generation and proof verification
needed Better performance than BLAC and PEREA
◦Decreases the number of required signature
◦Eliminates unnecessary key sharing
◦Makes use of an efficient ring signature scheme with efficient size
Future WorkFuture Work
Dynamic ForgivenessMultiple Rounds for Pseudonym
RegistrationOptimal Ring SignatureExperimental Analysis
SummarySummaryWe introduced an anonymous
blocking system based on Nymble◦Using distributed TTPs architecture◦With collusion resistance feature◦With less computation cost◦With increased usability