1996-06-29 - Re: anonymous mailing lists

Header Data

From: Hal <hfinney@shell.portal.com>
To: cypherpunks@toad.com
Message Hash: a618574eab07f84f63b02b0ed2a1c0e2b826e015a1aed10e0d2904ec7234f4b6
Message ID: <199606291640.JAA28469@jobe.shell.portal.com>
Reply To: N/A
UTC Datetime: 1996-06-29 21:03:31 UTC
Raw Date: Sun, 30 Jun 1996 05:03:31 +0800

Raw message

From: Hal <hfinney@shell.portal.com>
Date: Sun, 30 Jun 1996 05:03:31 +0800
To: cypherpunks@toad.com
Subject: Re:  anonymous mailing lists
Message-ID: <199606291640.JAA28469@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Wei Dai did some nice statistical analysis of this type of attack
sometime a year or two ago.  Even with countermeasures such as you
suggest, if they are not perfect, so some information leaks correlating
incoming and outgoing messages, Wei showed that it was possible to
deduce the owners of the nyms surprisingly quickly.

The countermeasures do work - if you get and send exactly 50 pieces of
4K byte email every day, no matter what, then correlations don't exist
- but they are expensive to do perfectly.  For now we have much worse
weaknesses; none of the current return-address systems are really safe,
other than posting encrypted mail to newsgroups (and even that may be a
problem if they suspect who you are and are monitoring your computer
link to see if you download certain messages).

Hal





Thread