From: tcmay@netcom.com (Timothy C. May)
To: hfinney@shell.portal.com (Hal)
Message Hash: e6e3fc1ebb298e0e98e5e9a27cb121f324b7178a6139a75d38921d9c54d1ba2c
Message ID: <199410011844.LAA16070@netcom15.netcom.com>
Reply To: <199410011756.KAA17377@jobe.shell.portal.com>
UTC Datetime: 1994-10-01 18:44:32 UTC
Raw Date: Sat, 1 Oct 94 11:44:32 PDT
Subject: Re: Technical Remailer Analysis.
MIME-Version: 1.0
Content-Type: text/plain
Hal wrote:
> Good point. There is a related attack which Chaum pointed out in his
> 1981 CACM paper: the attacker intercepts and keeps a copy of an incoming
> message, then later re-sends it. This one will go to the same place and
> by repeating this multiple times we can figure out where the original
> message went.
Thanks to Louis Cypher and Hal Finney for discussing this. Our
remailers are, as several of us have discussed, at a primitive level
of security...in fact, most of the security is illusory and would
collapse under serious scrutiny.
Here are some fixes to consider, as I see them. Chaum, in his Feb.
1981 paper on Untraceable E-Mail (Comm. of the ACM) remains the key
paper, though some of the later DC-Net papers also deal with such
attacks (under the rubric of "collusion" and "flooding" types of
attacks).
Sorry for the format, as I'm using the tools I use for the FAQ.
157.3. Some possible fixes:
  157.3.1. remailers can recognize duplicates and agree not to remail them, or to remail them off in different directions (adding their own hop-wrappers)
  157.3.2. digital postage helps a bit, as the attacker at least has to spend money
  157.3.3. (If the inner layers of a message each have some digital money, or a "one-use" coupon, then an attacker who copies and resends the whole message is effectively double-spending and this should be detected. Most simply, the "use once" coupon will only allow one passage through the remailer.)
--Tim May
--
..........................................................................
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com | anonymous networks, digital pseudonyms, zero
408-688-5409 | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay
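
Added example (not part of the message above and not code from any actual remailer): a toy remailer chain applying fixes 157.3.1 and 157.3.3, refusing a byte-identical resend by its digest and a re-encoded resend by its already-spent coupon. The Remailer class, the wrap/send helpers, the JSON layering (a stand-in for per-hop encryption) and the random coupon serials are all assumptions made for illustration.

```python
import hashlib
import json
import secrets

class Remailer:
    def __init__(self):
        self.seen = set()    # digests of messages already remailed (157.3.1)
        self.spent = set()   # coupon serials already redeemed (157.3.3)

    def process(self, blob):
        """Peel one layer and return (verdict, next_hop, inner_blob)."""
        digest = hashlib.sha256(blob).hexdigest()
        if digest in self.seen:
            return "duplicate", None, None
        layer = json.loads(blob)  # stand-in for decrypting this hop's layer
        if layer["coupon"] in self.spent:
            return "double-spend", None, None
        self.seen.add(digest)
        self.spent.add(layer["coupon"])
        return "remailed", layer["next"], layer["body"].encode()

def wrap(route, payload):
    """Nest one layer per hop, innermost first; each layer has its own coupon."""
    body, nxt = payload, "recipient"
    for hop in reversed(route):
        body = json.dumps({"coupon": secrets.token_hex(8), "next": nxt, "body": body})
        nxt = hop
    return body.encode()

def send(network, first_hop, blob):
    """Walk the chain and return (hops that remailed, final verdict)."""
    hop, path = first_hop, []
    while hop != "recipient":
        verdict, nxt, inner = network[hop].process(blob)
        if verdict != "remailed":
            return path, f"{verdict} at {hop}"
        path.append(hop)
        hop, blob = nxt, inner
    return path, "delivered"

def demo():
    """Original send, exact resend, then a resend with different bytes."""
    network = {name: Remailer() for name in ("A", "B", "C")}
    original = wrap(["A", "B", "C"], "hello")  # constructed sample message
    reencoded = json.dumps(json.loads(original), indent=1).encode()  # same coupon
    return [send(network, "A", m) for m in (original, original, reencoded)]
```

Both sets grow without bound here; a real remailer would have to decide how long to remember digests and spent coupons.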