From: Black Unicorn <unicorn@access.digex.net>
To: sinclai@ecf.toronto.edu (SINCLAIR DOUGLAS N)
Message Hash: c64b46d53ed84cac2c7c6560b3c571c41dd495d75c0285818725bdde3c87bb0a
Message ID: <199405121515.AA10780@access3.digex.net>
Reply To: <94May12.102413edt.13411@cannon.ecf.toronto.edu>
UTC Datetime: 1994-05-12 15:16:09 UTC
Raw Date: Thu, 12 May 94 08:16:09 PDT
From: Black Unicorn <unicorn@access.digex.net>
Date: Thu, 12 May 94 08:16:09 PDT
To: sinclai@ecf.toronto.edu (SINCLAIR DOUGLAS N)
Subject: Re: Message Havens
In-Reply-To: <94May12.102413edt.13411@cannon.ecf.toronto.edu>
Message-ID: <199405121515.AA10780@access3.digex.net>
MIME-Version: 1.0
Content-Type: text/plain
>
> Downloading the whole message base to scan for one's messages
> will place a massive load on net.resources, and probably
> a prohibitive load on most people's terminals. This scheme
> should avoid this nescessity:
>
> Alice wishes to write a message anonymously to Bob. They have
> agreed in previous communications that their tag is the string "foo".
> Alice writes her messages, and encrypts it with Bob's public key.
> She then prepends the tag. It looks like this:
>
> Tag: foo
> --- Begin Pgp Message ---
> zxcvm,/asdfjk;qup
> ....
> iuerpw,d,fy
> --- End Pgp Message ---
>
>
> Next, she encrypts this with the gopherhole's public key. The
> resulting message is posted to the gopherhole, where it is decrypted
> and made available for all to download.
>
> Now, Bob enters the gopherhole and instructs it to download all
> messages with the tag of "foo". To thwart trafic volume analysis,
> he also downloads messages with tags "bar", "baz" and "quux", which
> he then discards.
Why can't gopherhole send a random number of messages with a user selected
cap?
Bob just sends one tag request encrypted with gopherhole's public key, and
gets between 5 and [User cap] messages. Even better, (Light bulb) Bob
can send the number of messages he is currently equipped to filter along
with the tag and gopherhole can modify this just a touch +/- 10% say just
to keep Bob from getting lazy and asking for the same number all the time.
Bob can then filter the tags himself with procmail or something. Just seems
simpler and easier on the user while harder on traffic analysis.
>
> Problems:
> The gopherhole must be trusted not to divulge which posts
> came from who, and it's key must not be compromized.
Same as remailers really. Perhaps there is a way to chain message havens?
> A tap on Bob's line shows that he /may/ have a connection with
> the "foo" tag. However, the only person that knows anything
> about that tag is Alice. Thus, the other party in the conversation
> must colaborate in an attack, probably ruining her anonymity.
With the right randomization and frequent tag changes, it is hard to
associate bob with any tag. This problem becomes increasingly difficult
if one introduces randomly generated tags and pgp messages and if the
user keeps the message cap high (25-30). Bandwidth simply cannot be
saved if the attacker is getting the downlink from gopherhole if you are
using a tag system like this. The user just has to deal with 30 messages
to best avoid the traffic analysis on this side. A tap on bob's line
reveals that he may have a connection with any of 25-30 real or imaginary
tags. One less thing to go on if you are an attacker, fake tags are a
real headache. Some clever filtering method for tags would be a nice
touch. All lowercase, all between four and seven letters and nouns or
something...?
> Comments?
>
Nice structure.
-uni- (Dark)
Return to May 1994
Return to “SINCLAIR DOUGLAS N <sinclai@ecf.toronto.edu>”