1994-05-13 - Re: Message Havens

Header Data

From: David Scheidt <scheida@earlham.edu>
To: sinclai@ecf.toronto.edu
Message Hash: 90c8647a24669fbf206226a4e5433b14fdddc7574c129835360dc819af848a37
Message ID: <0097E5E6.B70F7014.977@earlham.edu>
Reply To: N/A
UTC Datetime: 1994-05-13 17:48:11 UTC
Raw Date: Fri, 13 May 94 10:48:11 PDT

Raw message

From: David Scheidt <scheida@earlham.edu>
Date: Fri, 13 May 94 10:48:11 PDT
To: sinclai@ecf.toronto.edu
Subject: Re: Message Havens
Message-ID: <0097E5E6.B70F7014.977@earlham.edu>
MIME-Version: 1.0
Content-Type: text/plain


Thus spake SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu>:
>  klbarrus@owlnet.rice.edu (Karl Lui Barrus) writes:

>> Maybe I wasn't clear in what the "message haven" offered... I'm trying
>> to get away from the penet style mapping tables, persistent
>> information tying you and your pseudonym, and solve the "unsolicited
>> anonymous mail" problem.  The message haven requires no trust, no
>> tables, no information since it just accepts message and files them,
>> and if you retrieve all the message, the haven can't figure out which
>> ones you are interested in!
>This flavour of message haven would not require persistent tables.
>A crooked operator /could/ maintain them, but unlike penet they are
>not required.  Every time you log into a message haven, you tell it
>what tags you are interested in.  Here the level of trust is similar
>to that of a regular remailer.  The remailer /could/ keep logs to
>destroy your anonymity, but we hope it doesn't.
>
>I realize this solution is far from ideal.  But as I posted before,
>I don't believe the numbers favour a message haven where everything
>is downloaded.  I have this nagging feeling that there is some
>very elegant cryptographical way of doing this employing secret
>sharing, but I can't actually think of how to do it.

Couldn't each message have a short header, which is encrypted with the 
final recipent's public key?  When you go to retrieve mail from the haven, 
you request the complete list of headers (or at least those that are new). 
If you can decrypt the header, then the message is for you.  You then 
request that those messages, and also some random messages, be sent to you. 
If the sender uses one or more current-style remailers to send his/her 
message to the haven, it would much more difficult to work out a map of 
who is talking to whom.  

david
--------------------------------------------------------------------------------
David Scheidt                      PGP 2.3 key by email
scheida@yang.earlham.edu           or finger scheida@earlham.edu

"If we don't remember what we do, how will we know who we are?"
					-Ronald Reagan






Thread