1994-11-21 - REMAILER PROPOSAL

Header Data

From: Sandy Sandfort <sandfort@crl.com>
To: Cypherpunks <cypherpunks@toad.com>
Message Hash: a5bc13110871fedfd01c2093b0cac1b2cf03b038d7eaeb918024f00b08a0201b
Message ID: <Pine.SUN.3.91.941120164801.23756A-100000@crl5.crl.com>
Reply To: N/A
UTC Datetime: 1994-11-21 00:50:12 UTC
Raw Date: Sun, 20 Nov 94 16:50:12 PST

Raw message

From: Sandy Sandfort <sandfort@crl.com>
Date: Sun, 20 Nov 94 16:50:12 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: REMAILER PROPOSAL
Message-ID: <Pine.SUN.3.91.941120164801.23756A-100000@crl5.crl.com>
MIME-Version: 1.0
Content-Type: text/plain


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                         SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

I put together the following proposal to demonstrate a quick and
dirty way to implement a pay-to-play remailer system.  I don't
care much about the details.  Change any of them you feel like.
My main concern is the basic pre-paid postage system concept.  If
those of you who are--or plan to be--remailer operators like it,
it's yours.  No charge. If you don't like it, well, I guess it's
back to the old drawing board.


 S a n d y

P.S.  I love the name Spoon-E; everyone else will probably
      hate it.  Consider it one of those details that you
      should feel free to change.

                            *   *   *

              THE ELECTRONIC MAIL FORWARDERS GUILD

                           A Proposal


    In this Proposal, I briefly discuss the elements a mail
    forwarders guild might include.  My main purpose,
    however, is to outline a low-tech, anonymous postage
    system that such a guild could deploy today.  My
    proposed system is intended to serve only as a bridge
    until a more sophisticated, digital postage/money system
    is available on the Net.


MISSION STATEMENT--The purpose of the Electronic Mail Forwarders
Guild (EMFG) would be to:

1.  Encourage the proliferation and use of privacy oriented
    electronic mail forwarding sites,

2.  Encourage the adoption of privacy oriented electronic mail
    forwarding standards and protocols,

3.  Create and deploy new products and services on existing
    electronic mail forwarding sites,

4.  To provide mutual aid and assistance with regard to
    technical, legal and other problems,

5.  Establish and maintain an anonymous electronic postage system
    acceptable by all EMFG members.


ANONYMOUS ELECTRONIC POSTAGE SYSTEM

POSTAGE RATES--The first questions the EMFG will have to decide
concern how much the members wished to charge for their services.
Such questions would include:

    Should each forwarding hop cost the same, or should
    first and/or last hops receive a premium?

    Should message lengths be limited?  Should longer
    messages cost more than short ones?  Should each
    kilobyte cost the same, or should each successive
    kilobytes cost less--or more?

    Will the EMFG support any free forwarding?

    What net postage-per-service should EMFG member receive?

POSTAGE "STAMP" NAME--The basic unit of postage should be given a
"brand name."  Using a name instead of an amount, permits bulk
discounts and allows price adjustments as circumstances warrant.
I favor, "Spooner Electronic Postage Unit" or "Spoon-E" for short
(pronounced, "spoonie").  Thus, no matter what a Spoon-E costs,
it would always take one Spoon-E to go through one forwarder or
whatever.

SPOON-E STRUCTURE--Spoon-Es are random 12-digit numbers
generated by the clients.

POSTAGE ISSUER--The EMFG will need someone to issue Spoon-Es.
The EMFG could elect any of the following options:

    Rotate the uncompensated job among its members,

    Have member bid for the job in exchange for fixed fee or
    a percentage cut of each Spoon-E issued,

    Hire a third-party to issue Spoon-Es in exchange for a
    fixed fee or a cut.

PAYMENT AND ISSUANCE MECHANISM--There are various levels of
anonymity available to clients.  The choice will depend upon the
client's degree of paranoia.  They all, however, are processed
following these steps:

1.  Clients randomly generate a series of 12-digit numbers.

2.  These random numbers, plus an extra random 12-digit ID
    number, are encrypted using the Issuer's public key.

3.  This encrypted message and payment are sent to the Issuer.

4.  After payment has been accepted, the Issuer puts the clients'
    random numbers into an "Outstanding Spoon-E" database, and
    lists the corresponding ID numbers on a "Just Issued
    Spoon-Es" bulletin board.

5.  Clients may access the bulletin board to check when their
    Spoon-Es have been validated for use.

The level of anonymity is determined by the clients' method of
payment and transmission.  Payment via money order is the most
anonymous; personal check, the least.  (Cash is even more
anonymous, but with its own obvious risk.)

The least anonymous method of transmitting the client's 12-digit
numbers is via direct e-mail.  The most anonymous is via an
s-mailed floppy.  E-mail through a forwarder is somewhere in
between.

USE OF POSTAGE--The following steps would be performed in order
to forward messages through a series of EMFG sites:

1.  Clients consult the Issuer bulletin board to verify that
    their Spoon-Es are valid.

2.  Clients write their messages and include the appropriate
    number of Spoon-Es within each nested and encrypted
    "envelope" for each forwarding hop they intend to use.

3.  Upon receipt, each forwarder strips out the Spoon-Es for that
    hop.  The message is added to a mix file of other messages
    until a threshold number is reached.

4.  When the threshold is reached, the forwarder contacts the
    Issuer and verifies the validity of the Spoon-Es.  Valid
    Spoon-Es are removed from the "Outstanding Spoon-E" database
    and the corresponding messages are forwarded out of mix file
    in random order.  The forwarder's account is credited with
    the appropriate payment.  Messages with invalid or missing
    Spoon-Es go to the bit or into the free service channel if
    there is one.

5.  Step "4" is repeated through each forwarder until the message
    is delivered to its ultimate destination.  The various mix
    files help defeat traffic analysis and permit the Spoon-Es to
    be verified before the forwarding service is performed.


CONCLUSIONS

The existence of a for-profit (or at least self-funding), privacy
enhanced, electronic mail forwarding system does not need to
await the development of on-line digital money schemes.  It can
be deployed today, using readily available, low-tech methods.
Such a system benefits from economies of scale, and thus argues
in favor of the creation of a group of mail forwarders such as
the EMFG.


Sandy Sandfort
20 November 1994

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






Thread