1994-07-01 - Re: Chained Remailing Strategy and Tactics

Header Data

From: Stu@nemesis.wimsey.com (Stuart Smith)
To: cypherpunks@toad.com
Message Hash: 937b2d1430a89d0c6bb188cca13eb5e6b6d6abca8242854fb426a4a51743206f
Message ID: <2e12cfb0.nemesis@nemesis.wimsey.com>
Reply To: <199406300128.SAA25746@jobe.shell.portal.com>
UTC Datetime: 1994-07-01 00:30:17 UTC
Raw Date: Thu, 30 Jun 94 17:30:17 PDT

Raw message

From: Stu@nemesis.wimsey.com (Stuart Smith)
Date: Thu, 30 Jun 94 17:30:17 PDT
To: cypherpunks@toad.com
Subject: Re: Chained Remailing Strategy and Tactics
In-Reply-To: <199406300128.SAA25746@jobe.shell.portal.com>
Message-ID: <2e12cfb0.nemesis@nemesis.wimsey.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <199406300128.SAA25746@jobe.shell.portal.com> you write:
>standpoint.  Hitting a remailer at a slack time when, let's say, 
>only one message arrives over a period of several hours would 
>seem most unwise.

This is what junk messages are for.  A good remailer should mail
out random packets at random times 24 hrs a day, only some of
which would contain valid messages.  Making the sender of the
message try to time its delivery to a "busy" time would be

>Can someone familiar with remailer software answer something?  
>When a message is encrypted, using the "Encrypted: PGP" header, 
>will everything after the end of the encrypted message itself be 
>ignored?  I ask, because this seems like a good place to 
>introduce "padding" into the message length to thwart detection 
>of identical messages, assuming that such extraneous material 
>wouldn't screw something up.

Another thing that a good remailer should do, randomly pad
messages that it sends out.  I don't know if any of the current
crop actually do this though.

>What's the best strategy for utilizing a given group of remailers 
>in a chain?  Which ones would be most advantageous as the FIRST 
>link in the chain, since this is the one link that has direct 
>address to the originator's address.

I can't really think of any criteria.  It doesn't matter if the
first remailer knows your address or even if they decide to tell
the NSA you're using their remailer - as long as the other
remailers ( or most of them anyways ) aren't compromised, it
should still be very hard to trace any given message.

>Let's say that a message traveled down the chain A -> B -> C.  
>Couldn't someone with enough clout ask "C" where a certain 
>message (based on header data) originated, find out it was 
>relayed by "B", ask "B" for the source, etc. and trace it all the 
>way back to the source?  What, if anything, would prevent that?

Absolutely nothing.  If a message passes through x number of
people, and everyone of those people are working for the
government/intimitdated by the government - nothing on this
earth will keep your identity secret.  Think about it.  This is
another reason we should have *lots* of remailers - not only
does the difficulty in traffic analysis increase, but if one or
more remailers is compromised (read: bribed/threatened etc), you
should still be ok.

>military secrets.  IOW, a scenario where powerful agencies are 
>motivated enough to invest considerable resources in tracking the 
>culprit down.

There is a possibility they are still sunk - we don't know what
they know, so they might know something we don't know - you
know?  But... if most (I don't know how many or what percentage)
of the remailers were secure (not compromised/working for the
gov't) when the messages were sent and they kept *no* logs, even
going so far as to wipe from memory and disk any trace of
incoming and outgoing messages, then the problem the gov't
agencies face is not a problem of "clout" - it is a problem of
cryptanalysis.  The only way, at this point, to find the sender
is to start decrypting messages send to/from remailers (the
gov't would have had to capture them previously or they would be
gone now) and track what messages went where.  This brings up
another point, even if the remailers aren't/weren't compromised,
they *do* have the secret keys that the message was encrypted
with along each hop, so theoretically, unless every remailer
operator wiped his secret key immediately after such an event,
the government could tap/bribe/intimidate/rubber-hose its way to
the remailer's secret key and track the sender (with its
previously tapped messages to and from every remailer) long
after the event.

Perhaps remailers should get in the habit of changing keys often
or automatically.  If you wanted, you could "subscribe" to a
remailer to use it, and it would send you a new key say, every
24 hours.  Perhaps there could be another key for casual users
who can't be bothered.

>While we might agree that in those two cases, the persons deserve 
>to be caught, what's to prevent a President or other highly 
>placed federal bureaucrat from MISusing those same resources on 
>something less critical, such as tracking down and persecuting 
>someone who anonymously posts "Clinton is a prick" or "Clipper 

Nothing at all.. unless you can code PGE - Pretty Good Ethics
and get the Gov't to use it.

- --
 Baba baby mama shaggy papa baba bro baba rock a shaggy baba sister
shag saggy hey doc baba baby shaggy hey baba can you dig it baba baba
        E7 E3 90 7E 16 2E F3 45   *   28 24 2E C6 03 02 37 5C 
   Stuart Smith                           <stu@nemesis.wimsey.com>

Version: 2.6