1994-08-04 - Re: Remailer ideas (Was: Re: Latency vs. Reordering)

Header Data

From: Stu@nemesis.wimsey.com (Stuart Smith)
To: cypherpunks@toad.com
Message Hash: fd525257cfb69ad19e59075cdda34501a6d61bab6576191641764397fdccf089
Message ID: <2e3ff46f.nemesis@nemesis.wimsey.com>
Reply To: <199407282120.RAA07884@cs.oberlin.edu>
UTC Datetime: 1994-08-04 11:45:31 UTC
Raw Date: Thu, 4 Aug 94 04:45:31 PDT

Raw message

From: Stu@nemesis.wimsey.com (Stuart Smith)
Date: Thu, 4 Aug 94 04:45:31 PDT
To: cypherpunks@toad.com
Subject: Re: Remailer ideas (Was: Re: Latency vs. Reordering)
In-Reply-To: <199407282120.RAA07884@cs.oberlin.edu>
Message-ID: <2e3ff46f.nemesis@nemesis.wimsey.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

In article <199407282120.RAA07884@cs.oberlin.edu> you write:
>One naive solution would be for remailers to have a "ping" function. I could
>send a remailer a "ping" message, and it would just bounce some acknowledgement
>back. More likely, my software could do this periodically, and keep track
>of which remailers are down, or non existent, and not use those. 
>The problem here is that an eavesdropper could get knowledge of which remailers
>I am planning on using, which could help traffic analysis enormously. 
>The "ping" function could support anon encryption block, so that I can
>ping a remailer through several other remailers anonymously. This is an
>improvement, but the traffic generated by lots of people periodically doing
>this is going to be enormous. As it is in any implementation of this sort. 
>[If you wanted to, you could make the remailers "ping" now by yourslef, just 
>have a message resent to yourself. But we can't all do this automatically often,
>simply because of the traffic it woudl generate. I think.]

I thought extra useless junk traffic was one main objective of a
remailing network?   The more the better..  As far as the idea
that an eavesdropper could tell which remailers you are going to
use - they already know.  They can ping the same sites you do
and as long as you ping *every* site you know of, instead of
just the ones you'd like to use on any given message, this
doesn't give the spooks one iota of new information.

>All participating remailers would post an "i'm here" message on it
>periodically, say once every 24 hours. This message would include the 
>remailers public key as well. My local software could scan this newsgroup.

As long as the key isn't trusted just because it was in the
newsgroup - this sounds workable.  Or, each remailer could have
a mailing list of addresses it sends the "i'm here" message to. 
Again, this gets the spooks no new information - if you use a
remailer even once, you have to assume that if some one was
watching closely enough, they *know* you used the system, and
they *know* your chosen destination received a message from the
system.  They just can't figure out who sent what to who.

>at the idea solution, but there's got to be some way to create a remailer-net
>that will allow my local software to generate long remailer chains to remailers
>that are all still existent (now, if one of the remailers included in my

This seems backwards to me - I think what you want is local
software that is smart enough to figure out the state of the
remailer-net.  You needn't rip apart nor rebuild the whole net,
just write some code :)

- --
 Baba baby mama shaggy papa baba bro baba rock a shaggy baba sister
shag saggy hey doc baba baby shaggy hey baba can you dig it baba baba
        E7 E3 90 7E 16 2E F3 45   *   28 24 2E C6 03 02 37 5C 
   Stuart Smith                           <stu@nemesis.wimsey.com>

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBLkACeai5iP4JtEWBAQHmFAQApaJMGuDPGHCtEBcfFV6kfGNAwx0fuTgO
jQ8yp10UHbe8ItfmjTZBFdHY4zfnPFIL6htn+6gcmOygj6OFEu320r+hA4u3Q7s/
opSaL72kAM53MQOHLabnZ80eEWQts3PWE1i4SfuGomkHKi5BZOUA5HwC+5DF4zTk
7RkW5E7f7a8=
=xUgv
-----END PGP SIGNATURE-----





Thread