From: Matthew J Ghio <mg5n+@andrew.cmu.edu>
Date: Sat, 1 Oct 94 14:45:15 PDT
To: cypherpunks@toad.com
Subject: Re: Technical Remailer Analysis.
In-Reply-To: <199410010435.AAA10221@ducie.cs.umass.edu>
Message-ID: <UiXRUby00awUMFMl48@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Hal Finney wrote:

> If I follow this, the attack is something like, every time Alice sends
> a message Bob receives one.  Observing this happening over a period of
> time we conclude they are communicating.  Could this be defeated by
> sending dummy messages so that Alice sends exactly 10 messages
> every day?  Then the fact that Bob receives messages on some day can't
> very well be associated with Alice.

This attack can be defeated if both Alice and Bob are running remailers.
Then their correspondence is hidden in the 100 messages a day of
remailer traffic.  An observer can not tell wether the messages were for
Alice or Bob, or if they were for the remailer (assuming latency was
used) or if they were bit bucket messages.  Alice could even forward her
personal messages to a bitbucket (after saving a copy for herself) to
further increase security.  This is why everyone should be running a
remailer if they are concerned about their privacy.