From: tcmay@got.net (Timothy C. May)
Date: Sat, 18 May 1996 17:58:02 +0800
To: cypherpunks@toad.com
Subject: The Crisis with Remailers
Message-ID: <adbfebe7040210046482@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 9:29 PM 5/15/96, jamesd@echeque.com wrote:

>Some nyms are valuable, most are valueless by design.  All remailers
>should be valueless by design.  The penet.fi remailer design is
>unsatisfactory precisely because it penet.fi is valuable, hence a
>target.  If it gets shut down a lot of people lose their nyms,
>causing much inconvenience.

I agree with this point, and the similar points made by Hal Finney and by
several others.

We have far too few remailers, they are too tempting as targets, the use of
"mail-to-News" gateways is formally separable from the function as a
remailer, and there is generally a stagnation in the deployment of new and
varied kinds of remailers and their modes of operation.

We used to discuss remailer architecture, topology, functionality, and
"ideal behavior" quite a bit a few years ago, but seldom do here on the
Cypherpunks list anymore. Various reasons: same old discussions,
commercialization of Mixmaster-type remailers (so I hear, and Lance
Cottrell can clarify this if this is indeed a factor) may be inhibiting
free discussion of planned features, and perhaps the discussion is going on
elsewhere (on remailerpunks, or the remailer operator's list).

(I'm surprised there have been no "Master's Thesis"-level analyses of
remailers and the modeling of them. I had expected by now at least a couple
of such studies. Even better, some even more advanced studies. The "theory
of remailers" was partly laid out by Chaum in his 1981 "Untraceable E-Mail"
short article--at the CSUA site at Berkeley, last I checked--but much has
happened since then. A practical analysis is needed. Note: the recent paper
on remailers by the SAI researcher and another is _not_ what I meant...that
was just put together from Raph's page, other sources, and a few days worth
of Web searches, as near as I can tell.]

A much richer ecology of remailers is sorely needed. A factor of at least
10 or 20 more (100-300 remailer sites), less reliance on specific sites, an
"everyone a remailer" capability (which has many elegant advantages!), more
traffic, temporarily instantiated sites, digital postage, greater ease of
use (especially with crypto and chaining), and such things as nominal
terminal remailers choosing to add their own hops (so as to lessen their
own target potential). Having some of these improvements will be a big
help.

In the past we have discussed many ideas related to this; I sure don't have
the energy right now to recapitulate the points made over the years. Cf. my
Cyphernomicon for some general features, at least as of mid-94. Also, the
archives, if they ever become available again.

Yes, things are stagnating at this time. Not because we discuss "off-topic"
things (as we sure did in 1992-3, for example!), but for various other
reasons.

I suspect the enemies of remailers will sense victory and will try to force
the remaining remailers to shut down or at the least to severely restrict
operations. From a high of perhaps 25 remailers, we may soon be down to
less than a dozen.

These remaining sites will feel even more pressure. The upcoming War on
Intellectual Property Piracy, with opening shots against China already
fired, will put even more heat on remailers.

(A remailer can't just "block" copyrighted material. It ain't practical.
And digital mixes (remailers) should not, obviously, be looking at content
of packets mailed. (Only the last, plaintext, message can be looked at if
things are done right, but I surmise from comments by remailer operators
that a lot of the traffic is not encrypted at all, and that the operators
do in fact take a few peeks at what's flowing through their systems....more
evidence that we are very far indeed from Chaum's ideal digital mixes.)

Yes, a crisis has been brewing for months.


--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."