From: zane@genesis.mcs.com (Sameer)
Date: Tue, 29 Jun 93 17:52:19 PDT
To: jthomas@kolanut.mitre.org (Joe Thomas)
Subject: Re: REMAIL: problems
In-Reply-To: <9306291227.AA00990@kolanut>
Message-ID: <m0oAqLa-000MVxC@genesis.mcs.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <9306291227.AA00990@kolanut>, Joe Thomas writes:
> 
> Consider cryptographic secret-sharing protocols.  If we have 20 remailers,  
> each remailer could split his key into 20 pieces, 15 of which would be  
> necessary to reconstruct the key.  When a remailer goes down, the key could  
> be reconstructed and given to a substitute remailer.  The system can survive  
> the loss of 5 remailers, and would require a collaboration of 15, or 3/4 of  
> the remailer operators to intentionally break the security.
> 
> Joe
	This secret sharing *does* look very appealling.
	How would the substitute remailer be chosen? Very difficult to
build, however, as it would require a great deal of similarity between
remailer software.
	How can a key be split into 20 pieces while only requiring [any?] 15
to work? Redundancy?

	It would be a good idea to have two sorts of keys for each
remailer, maybe. One key for normal usage and another key for
communication between remailers, key-part distribution, etc.

--
| Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM |
| Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more |
| "Symbiosis is Good" - Me_"Specialization is for Insects" - R. A. Heinlein_/
 \_______________________/ \______________________________________________/