1992-12-14 - A minor experimental result

Header Data

From: tcmay@netcom.com (Timothy C. May)
To: cypherpunks@toad.com
Message Hash: cb71f78cbe8d56ccc8e08ead7b0e0421682f54e1d5148de8a872ea1a67664770
Message ID: <9212140649.AA12228@netcom.netcom.com>
Reply To: N/A
UTC Datetime: 1992-12-14 06:51:01 UTC
Raw Date: Sun, 13 Dec 92 22:51:01 PST

Raw message

From: tcmay@netcom.com (Timothy C. May)
Date: Sun, 13 Dec 92 22:51:01 PST
To: cypherpunks@toad.com
Subject: A minor experimental result
Message-ID: <9212140649.AA12228@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



One of the purposes of setting up remailers is to experiment with
them, see what kind of emergent behavior appears, see what kind of
flaws and obstacles arise, see how they break, etc.

Here's one: the compromise of my "anonymity" by one of the folks
running a remailer. (Who and where don't matter, just the phenomenon
itself.)

I used a single bounce without any encryption to send a message and
got a query from the owner of the remailer saying "I couldn't help
looking through my remailer archives and noticing...." and requesting
more information from me!!

Hoist by my own petard!

Several lessons:

* Multiple bounces help, even without encryption, as then the remailer
sysop can't be sure who originated the message.

* Encryption is of course even more desirable, though a hassle
(especially for Mac users).

* Remailer sysops should make a point to _not_ look at their remailer
archives. In fact, they should discard them immediately (for their own
legal protection, and for slightly greater trust amongst users, though
this is a hazy area...).

(Recall that the "mix" on which our software-based remailers are
loosely patterned are "memoryless," i.e., the tamper-resistant modules
that implement the receive-decrypt-store-forward protocol have no
memory of the mapping between incoming and outgoing messages. In
fact, the outside world cannot possibly compromise the protocols to get
at this information.)  

So, my laziness in using only a single bounce, combined with the
curiosity of a remailer sysop, breaks the anonymity.

Neither surprising nor profound, but I thought you folks would like to know.


--Tim May

--
..........................................................................
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com | anonymous networks, digital pseudonyms, zero
408-688-5409 | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA | black markets, collapse of governments.
Higher Power: 2^756839 | PGP Public Key: by arrangement.






Thread