From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 26 Jan 94 19:57:25 PST
To: cypherpunks@toad.com
Subject: Anonymous Anonymous ftp
In-Reply-To: <9401270253.AA03501@bilbo.suite.com>
Message-ID: <199401270354.TAA10210@mail.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



Jim Miller writes:

> Jim choate writes:
> 
> > The courts could then assume that the purpose of the
> > server is to collect and store documents in such a way that
> > there is a priori intention to prohibit legal agents from
> > accessing said data under court ordered supeona. This
> > qualifies as a conspiracy in every legal jurisdiction
> > that I know of. It also opens the sysadmin open to
> > prosecution as well.

> Are there really no countries in the world that would permit such a  
> server?  How depressing.
> 
> If true, I guess the next question becomes:  How can you offer a service  
> to the Internet, but make it impossible for a Bad Guy to physically locate  
> you?

This is what digital mixes are aimed at, of course. Not just
protecting mail against traffic analysis, but creating fully anonymous
transaction system--it follows, does it not, that a fully anonymous
2-way system means Alice doesn't know who Bob really is, or where his
site is located?

As a concrete example, does anyone know where the "BlackNet" site is?
Or "Sam Hill," or any of the other various pseudonyms?

With good mixes (along the lines of the second generation remailer I
wrote about recently) and 2-way communication (more on this in a
minute), the "truly anonymous server" is possible and even imminent.

How is anonymous 2-way communication possible? Several ways:

- prepaid mailers, good for sending a packet to a destination. With
the final address nested insided a series of encrypted packets, no mix
along the way can identify Bob without extensive collusion with other
mixes.

(The last remailer can in theory identify Bob, but he has no idea what
is being sent, or even that Bob is the "final recipient." Indeed, Bob
just looks like yet another remailer. Standard "Mixes 101" stuff.)

- pools, a la the pools used by Miron Cuperman and by my own BlackNet
experiment. Not a fast 2-way communication system, but it works.

- a Penet-style 2-way system, with additional security. Multiple
Penet-style remappers could handle name translations and only
collusion between them would reveal real identities. (And more sneaky
methods can be used to lessen this chance, too.)

There are probably other known methods, and others still to be
invented.

An "anonymous anonymous ftp" system is certainly feasible. The prepaid
mailer ideas would also fit in with digital postage ideas.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power:2**859433 | Public Key: PGP and MailSafe available.