From: Karl Lui Barrus <klbarrus@owlnet.rice.edu>
Date: Fri, 13 May 94 18:17:01 PDT
To: cypherpunks@toad.com
Subject: Message Haven explanation
Message-ID: <9405140116.AA09715@flammulated.owlnet.rice.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hm... after reading various replies about the message haven I
described, I've concluded my original explanation was terrible and
confusing ;)

Background: I've noticed that about the only opposition voiced to
anonymous mail is the fact somebody can harrass another user (however,
they can also be used to forward Clarinet posts, for example).  Also,
systems such as Julf's, convenient as it is, require tables which map
psuedonym to true identity.  The message haven is my idea of how to
get around these two problems.  (I'm not saying Julf is untrustworthy
or something, this is just an idea to try out!)

The way I see it working is you would create a message containing what
you want to say, what to name the next reply, and anything else...
perhaps a new public key to encrypt the reply with.  You encrypt this
message with the public key for whoever you want to communicate with,
and send it to the haven with instuctions to file it under a name you
specify.  Your partner would browse the message haven, and retreive
the message.  He would frame a response, include what to name the next
reply, maybe include another key, etc., encrypt his message with your
public key, and send it back to be filed under the name you specified.

The very first message to a person would have to be titled something
obvious to them (i.e. "To Pr0duct Cypher", "To Deadbeat", "To
Wonderer", "To L. Detweiler" or whoever), unless you can pre-arrange
this.

So far, the haven just accepts messages and files them.  Maybe it
could take a digital cash payment to file in an area where the message
will be available for longer.  The haven doesn't even have a public
key (unless it runs a bank and has a public key for the bank portion).

Now, if the message haven keeps logs of what messages you read, it
will be able to figure out who you are communicating with.  One
possibility is to take all the message, so even if the haven fully
logs, it will derive no information.  This is only if you actually
care that the haven can figure out who you are communicating with.  If
not, just grab the messages for you.

Some people are suggesting retrieving a subset of the messages.  Yes,
this will work, but only if you take the same subset all the time.
For example, you take your messages and message addressed to users A,
B, C, and yourself.  (There would be a complication if all the other
users changed public keys simultaneously).  If you don't take the same
subset all the time (say you retrieve A, B, C, and yourself once, and
then X, Y, Z, and yourself another time.  It should be pretty clear
who you are!), you expose your identity.  Also, you would need to take
all the messages of the other users (say A, B, C, and you have 5
messages each.  You take all of yours, and just 1 from each of the
others.  Again, it should be pretty obvious who you are).

Maybe the easiest thing to do is simply use a brand new public key
every time, then you can take random messages.  Indeed, you could even
fool the haven into thinking you are communicating with someone else
by always retrieving their messages, if you use a new public key each
time.

Some schemes have been suggested in which you tell the haven what
messages you want.  It would send them along with some random ones.  I
don't like this idea since it requires the haven to be able to connect
your pseudonym with your true identity, and it's more complicated, as
far as the haven goes, and as far as you (if you want to use a new
key).  And if you are already telling the haven your identity, you may
as well just browse it and retrieve the messages intended for you.

So, hopefully that is a bit clearer.  Comments are welcome!

Karl Barrus
klbarrus@owlnet.rice.edu

-----BEGIN PGP SIGNATURE-----
Version: 2.3a

iQCVAgUBLdQmYIOA7OpLWtYzAQHIdwP9FHCtdL0XHhGCrLgVoFNNNdiSH8IGvlyO
wZq8vvbYtW34uRrEs0nYDchVpEtDpMgrSQdfSFaKrNjg5mdfbqWh9qEeMv1NM91p
jtqhYfUHqP1RE/CegET3tunI1h6fqfz91cMIpPc4hGM69OSJZecw8rumwKyxNwC8
cCBBDrb1iMk=
=H9K8
-----END PGP SIGNATURE-----