From: ghsvax!hal@uunet.UU.NET (Hal Finney)
Date: Wed, 30 Dec 92 13:36:33 PST
To: cypherpunks@toad.com
Subject: Return addresses
Message-ID: <9212302111.AA09802@nano.noname>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Eric Messick has an interesting idea in his "postage due" anonymous
addresses, where the forwarders would encrypt the message contents as
it passed through, and then the receiver would have to pay them to get
the message decrypted.

Chaum's idea was that the message contents would be encrypted at each
step, as Eric suggests, but Chaum would have the encryption key be
part of the anonymous address, created by the same person who made the
anonymous address.  The idea would be, after decrypting the incoming
message, the remailer would see something like:

	Anon-To: <next destination>
	Encrypt-With: <some DES or IDEA key>

It would then encrypt the message "contents" (but not the "envelope",
as Eric points out) using the specified key.  When the owner of the
anonymous address received the message, he would decrypt it using the
chain of "Encrypt-With" keys that he put into the anonymous address.

This does not support Eric's feature of allowing remailers to charge
for anonymous addresses, but it does provide more security than the
current remailers by changing the message contents at each step.

Hal
74076.1041@compuserve.com

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQCVAgUBK0IQLqgTA69YIUw3AQHqawQAozCAXrHB1+dksB2fQKeqIoY530340chd
PZlznNGv0wp5gZdIJnFqJ/40scABHjuMc7B7e9QnUglMm1j59b6ZJOGON8kOaYsm
J19vsCOWEWuQhFtMl6oC4hXxPtjZ1BOdm8lr+RQ7KZlpBTe4eusoEMaV5zMMk1TI
vkAT6A4YZ5o=
=DZE1
-----END PGP SIGNATURE-----