1996-03-07 - Re: (Fwd) Gov’t run anon servers

Header Data

From: mccoy@communities.com (Jim McCoy)
To: cypherpunks@toad.com
Message Hash: d3aee730537400240c6f46414dd2ef40bde364c3ca29e24873ff704b9b7f6e6d
Message ID: <v02140b00ad61de571005@[199.2.22.124]>
Reply To: N/A
UTC Datetime: 1996-03-07 22:18:22 UTC
Raw Date: Fri, 8 Mar 1996 06:18:22 +0800

Raw message

From: mccoy@communities.com (Jim McCoy)
Date: Fri, 8 Mar 1996 06:18:22 +0800
To: cypherpunks@toad.com
Subject: Re: (Fwd) Gov't run anon servers
Message-ID: <v02140b00ad61de571005@[199.2.22.124]>
MIME-Version: 1.0
Content-Type: text/plain



Hal Finney writes:
[...regarding mixmaster remailer passwords...]
>
>The other suggestion that was made here, that the operator would have to
>manually type in the pass phrase every time the computer rebooted [...]
>However it would probably not be a practical method of operation given
>the reliability of at least the Unix operating systems that I am familiar
>with.

Then you need to start running PC unix systems which were last written
or updated during this decade.  Keeping a unix system running, _as long
as it is running a limited subset of application programs_, is a trivial
task in Linux, BSD/OS, FreeBSD, and others.  I routinely have server
systems which perform specific tasks (e.g. smtp mail services, DNS, etc.)
with uptimes of 5-6 months; there is no reason why a host serving as a
remailer should not be able to be as reliable.

> And even then the information is in memory.  An attacker who could
>gain root privileges (and let's not pretend that the NSA can't do that)
>can dump memory and later comb it for the key information.
>

"Security is economics"  -E. Hughes

The point is not to make a system which is absolutely, positively, no
doubt about it, secure against any attacker.  If cypherpunks could do
this they would be working for defense contractors and others who make
certified systems.  The objective is to make a system which is difficult
to attack, one which costs the attacker time/money.  After securing
a host against the obvious attacks one can turn to the esoteric ones
such as you present: move the key to kernel memory and remove tools
for accessing or manipulating that area, run the memory-space encrypted
and do not let it dump the contents to disk, etc.  Systems which
have been certified to high Orange book levels already exist, so there
are obviously solutions to the problems you present.  The tools and
tricks of these systems just need to be migrated into systems which
people actually use.

Then remember that remailers gain strength in numbers.  The more
remailers you chain your message through the better your chances of
passing through a single node which is not compromised, at which
point your message has been "mixed."  As long as it is easier for
someone to create new remailers than to break existing remailers
we are winning.

>My point remains that strong keys are pointless for remailers which run
>on Unix systems connected to the net.

"Insisting on perfect security is for people who do not have the
balls to live in the real world"  -paraphrased from M. Shaefer

You give far too much credit to the potential attackers.  One advantage
that unix systems connected to the net have over your hypothetical
PC at home is the advantage of persistence, what is the point of
running a remailer if it is never up, or only up when you need to use
it?  Traffic analysis of that particular node becomes a pretty easy
task :)  The unix hosts running remailers also have the advantage in
that they have been subjected to attack for quite a while now and
most of the obvious problems (and some of the non-obvious problems)
have been fixed.

A strong key on such a host is better than a weak key, so why not
make systems as strong as you can?  The only way to have a completely
secure computer is to encase it in concrete, cut any network connections,
and drop it into the ocean; OTOH the only thing you have created in this
case is a fairly unique boat anchor.  You are beginning to sound like
the people who claim that the NSA can crack any encryption system, not
because they have any proof but just because they extrapolate their
limited knowledge into the unknown and mix in a bit of paranoia.

[...]
>Recall that my original comments were in connection with the claim that
>the government was running most of the remailers.  As I said, I still
>think that is absurd when it would be so much easier to simply steal
>their keys.

But the point is that it is _not_ easier to steal the keys.  It is
much easier to put up a remailer than to attack an existing remailer,
this is why the remailer system is winning the battle of security
economics.  By putting up its own remailers a potential attacker
probabalistically diminishes the number of systems which they must
break.

jim







Thread