1994-12-11 - nym based remailer proposals

Header Data

From: lcottrell@popmail.ucsd.edu (Lance Cottrell)
To: remailer-operators@c2.org
Message Hash: 87310b585db4bae3b1df0e7344e0a039f7941aa22d07b05c8660eab347d13224
Message ID: <ab1062710002100481ed@[]>
Reply To: N/A
UTC Datetime: 1994-12-11 08:05:05 UTC
Raw Date: Sun, 11 Dec 94 00:05:05 PST

Raw message

From: lcottrell@popmail.ucsd.edu (Lance Cottrell)
Date: Sun, 11 Dec 94 00:05:05 PST
To: remailer-operators@c2.org
Subject: nym based remailer proposals
Message-ID: <ab1062710002100481ed@[]>
MIME-Version: 1.0
Content-Type: text/plain


Current nym based remailers suffer from the same insecurity that all return
address share. It is easy for an opponent to trace a return address by
sending many messages to that address, and watching the traffic generated.
If the remailer uses a database of nyms to real names (like Julf's penet
remailer) then all security rests with the integrity of the operator and
the security of that one system. These security problems can be avoided,
while still providing the benefits of a "replyable" address.

I suggested the following scheme at the last San Diego Cypherpunks meeting.
It was well received there, so I hope it will be of interest.

Having read the help files, this is my understanding of how the current nym
based remailers work. I send an anonymous reply block to the nym remailer,
which puts it in a database, along with my chosen nym. This can all be done
through remailers. Now anyone can send mail to nym@remailer.address.com and
it will be sent to me using the reply block I sent.

I propose two changes:
1) To facilitate replying to nyms, I should be able to send mail to the
remailer indicating the nym it should appear to be from. Then a recipient
would simply hit reply, and the response would go back to the real sender.

2) I propose the use of message pools rather than return addresses. With
enough subscribers, the best way to do this would be using mailing lists.
There already exist many tools which could filter out all pool message
other than yours. Until that time, alt.anonymous.messages would be a better
choice. To be practical, both of these schemes require that the user be
able to filter out messages to other nyms.

The remailer (which might be better called a nym server) should place the
subject line of the incoming reply in the body of the message, and replace
the subject line with some searchable string (e.g. To Nym: Pr0duct Cypher).
Searching alt.anonymous.messages for your nym in the subject line would
reveal all messages to you.

While the current system would allow me to have messages sent to a message
pool using a mail-to-news gateway, I am not now able to search for messages
to me, and I can not send messages "From: " my nym.

                -Lance (Ice Weasel) Cottrell

Version: 2.6


Lance Cottrell  who does not speak for CASS/UCSD
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Home of "chain" the remailer chaining script.
For anon remailer info, mail remailer@nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."