Jason E. Holt These files represent a simple, straightforward application of blind signatures as described in Chaum, Fiat and Naor's 1990 paper "Untraceable Electronic Cash". For a complete academic treatment of nym, see the preprint nym.pdf included with this distribution. The idea is that clients can obtain a blindly signed token from a CA, unblind it and end up with a validly signed token which the CA has never seen. In this case, CAs would only sign tokens once every predefined period for a particular email address, IP address or other scarce resource under the assumption that abusers will have difficulty obtaining many such resources. This token can then be used to anonymously obtain, say, a client X.509 certificate which can then be used in a web browser for pseudonymous browsing. This package contains everything you need for such a system: * Tools for obtaining and issuing tokens, one per IP address. * Tools for generating a CA and X.509 client certificates and having them signed by a tor hidden service after presenting a token * Patches to MediaWiki so that you can run your own WikiWikiWeb, accepting pseudonymous users and blocking pseudonymous abusers Tor users thus gain pseudonymity, and service providers can blacklist client certificates of users who misbehave. CAs cannot trace certificate owners back to IP addresses, since tokens are issued blindly. To use with the live demo at erg.no-ip.org: * nym now includes a Javascript client that works entirely in your web browser! It should work on any web browser that supports Javascript. Simply load javascript/jsnymclient.html in your web browser; instructions are provided on that page. To use the Perl-based implementation: * Make sure you have the latest Digest::SHA1, Math::BigInt::GMP, CGI and LWP perl modules (including LWP::Protocol::https (ubuntu/debian package libcrypt-ssleay-perl)) installed on your system, as well as OpenSSL's command line utilities. (You can use Math::BigInt alone, but modexps take *forever* (literally so on earlier versions of Math::BigInt)). * From the nym base directory, run "gettoken.pl". This should be done without tor, so that the token can be issued to your actual IP address. "Real" installations will probably block tor exit nodes and open http proxies to enforce the one-token-per-IP rule. * Wait a sufficient random interval so that the token and CA servers can't correlate the token and certificate issuing processes. Make a client certificate request by running 'makecert.sh', then have the CA sign it by running 'getcert.pl'. This (and use of the client cert) should be done via tor in order to protect your anonymity. * Install the client certificate "clientcert.p12" in your browser. Mozilla users should select "Ask Every Time" under "Privacy & Security | Certificates | Client Certificate Selection" to control when the cert is used. In Firefox, select "Edit | Preferences | Advanced | Certificates | Manage Certificates | Import", as well as the "ask every time" option in the Certificates dialog. * Visit https://erg.no-ip.org/ (through tor) and note that access is limited to those with client certs. The self-signed cert for the server has a SHA1 fingerprint of: E6:FA:20:B9:24:64:CE:B1:FD:B5:E0:E6:3E:CB:A9:93:0E:13:80:F3 * Visit the NymWiki at https://erg.no-ip.org/wiki/index.php/Main_Page Edit a page, and note that it appears as having come from 10.0.0.*. If you make a (polite) inappropriate edit, I'll eventually get around to blocking you for some period of time. To make your own CA, token server, and nym-enabled MediaWiki: * Install the CGI scripts in the *_cgi directories on appropriate web servers. To be secure, you'll probably want to change some of the paths listed at the top of the scripts. Ensure that the *_cgi/db directories are writeable by the web server. As shipped, things are configured to be used in place with a local web server with symlinks from /cgi-bin/nyms to the installation directory. * Generate token server keys: $ cd token_cgi $ ./makekeys.sh * Generate a CA: $ cd ca_cgi/CA $ ./makeca.sh * Ensure that the appropriate ca_cgi/CA subdirectories and files are writeable by the web server. ('chmod -R a+w ca_cgi/CA' is a clumsy way to do this.) * Update the paths in gettoken.pl, makecert.sh and getcert.pl to use the correct tokenpubkey and openssl.cnf files, as well as the correct CGI script URLs. * Configure a web server to demand client certificates signed by the CA. Now you can blacklist certificates from people who misbehave. The relevant code for your httpd.conf is: SSLVerifyClient 2 SSLCACertificateFile /whatever/cacert.pem SSLVerifyDepth 1 * Read mediawiki/README for information on patching MediaWiki.