1994-03-11 - Re: Improvement of remailer security

Header Data

From: lcottrell@popmail.ucsd.edu (Lance Cottrell)
To: boldt@math.ucsb.edu (Axel Boldt)
Message Hash: ed8f1056f34740f4423aa04416f87dfae105bd9c37bf7985282496ebea3eb3b2
Message ID: <199403110746.XAA15270@ucsd.edu>
Reply To: N/A
UTC Datetime: 1994-03-11 07:46:55 UTC
Raw Date: Thu, 10 Mar 94 23:46:55 PST

Raw message

From: lcottrell@popmail.ucsd.edu (Lance Cottrell)
Date: Thu, 10 Mar 94 23:46:55 PST
To: boldt@math.ucsb.edu (Axel Boldt)
Subject: Re: Improvement of remailer security
Message-ID: <199403110746.XAA15270@ucsd.edu>
MIME-Version: 1.0
Content-Type: text/plain


>Even the current pgp encryption scheme offered by some remailers
>doesn't help much, once the incoming and outgoing messages are known:
>just take the outgoing message from the remailer, encrypt it with the
>remailer's public key, compare this to the incoming messages and you
>know who sent this message (repeat if a chain of remailers was used).

This is incorrect. The message is not encrypted with the public key. It is
encrypted with an IDEA key which is encrypted with the remailers public
key. Since the remailer does not forward that key (obviously), this attack
is not possible.

--------------------------------------------------
Lance Cottrell  who does not speak for CASS/UCSD
loki@nately.ucsd.edu
PGP 2.3 key available by finger or server.

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche







Thread