1998-01-28 - Re: future proofing algorihtms

Header Data

From: Lucky Green <shamrock@cypherpunks.to>
To: Tim May <tcmay@got.net>
Message Hash: 71274546ae9887ba9059deb1e0de8ec0067b766766b041e708f18fed23b6a476
Message ID: <Pine.BSF.3.96.980128051852.23935B-100000@pakastelohi.cypherpunks.to>
Reply To: <v03102805b0f4501f35a7@[207.167.93.63]>
UTC Datetime: 1998-01-28 04:36:18 UTC
Raw Date: Wed, 28 Jan 1998 12:36:18 +0800

Raw message

From: Lucky Green <shamrock@cypherpunks.to>
Date: Wed, 28 Jan 1998 12:36:18 +0800
To: Tim May <tcmay@got.net>
Subject: Re: future proofing algorihtms
In-Reply-To: <v03102805b0f4501f35a7@[207.167.93.63]>
Message-ID: <Pine.BSF.3.96.980128051852.23935B-100000@pakastelohi.cypherpunks.to>
MIME-Version: 1.0
Content-Type: text/plain



On Tue, 27 Jan 1998, Tim May wrote:
> A LAM approach is low tech, and can be implemented easily enough. (And
> PipeNet becomes much more feasible...)

I agree.

> Even an adventurous company, with many machines on various networks, could
> deploy a LAM on their network.

There are several such companies outside the US that I can think of.

> (Though the laws about corporate culpability are written in ways that a
> Silicon Graphics or Sun or C2Net would have much to fear in having their
> corporate network associated with a LAM of any sort. Hence my point about
> many and varied residential users in a physical building being the LAM
> nodes.)

Sure. A LAM would not happen at any of the above companies. But there are
several non-US ISP's and other outfits with triple fiber to the backbone
that could set this up. [You know who I am talking about, lurkers. :-) How
about it]?

> Another point about LAMs is that they are useful as "concentrators" for
> PipeNet connections. To wit,
> 
> Suppose someone has deployed a PipeNet connection to another node. Fine,
> but the NSA and Mossad and GCHQ and other enemies of freedom may watch the
> traffic flowing into the node feeding that PipeNet connection.
> 
> So why not do a better job of "loading" this PipeNet connection by having a
> LAM at the site? Then, watchers see the stuff flowing into the LAM, and
> have less idea (correlation-wise) of what's then making use of the PipeNet
> connection.

That setup would work even better if operated by a major ISP. If you run
10% of a country's (and be it a small country) IP traffic through a LAM,
the computations an attacker has to perform become complex to the point of
being intractable. Especially if the ISP runs dial-up. [Lurkers, your
thoughs please]?

Of course we won't see such sites until somebody writes the
software.

Cypherpunks write code,
-- Lucky Green <shamrock@cypherpunks.to> PGP v5 encrypted email preferred.
   "Tonga? Where the hell is Tonga? They have Cypherpunks there?"






Thread