1996-04-27 - Re: An idea for refining penet-style anonymous servers
Header Data
From: frantz@netcom.com (Bill Frantz)
To: cypherpunks@toad.com
Message Hash: c93192797316a532f9c3a8ddeb46e227dd3c832634a62bb95f1a23390bff7b50
Message ID: <199604261849.LAA03012@netcom9.netcom.com>
Reply To: N/A
UTC Datetime: 1996-04-27 05:21:17 UTC
Raw Date: Sat, 27 Apr 1996 13:21:17 +0800
Raw message
From: frantz@netcom.com (Bill Frantz)
Date: Sat, 27 Apr 1996 13:21:17 +0800
To: cypherpunks@toad.com
Subject: Re: An idea for refining penet-style anonymous servers
Message-ID: <199604261849.LAA03012@netcom9.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
At 8:15 AM 4/25/96 -0700, Alan Bostick wrote:
>The other night, while sick and feverish with the flu, a scheme popped
>into my head that would seem to make penet-style anonymous servers less
>vulnerable to compromise through seizure of the remailer equipment or of
>the address database...
>
>My scheme is the design of the address database. It consists of two
>hash tables, one for sending messages (which maps anonymous IDs onto
>sender's addresses), and one for receiving them (mapping recipient's
>addresses onto anonymous IDs). A cryptographically secure hash (say,
>MD5) is used for the index of both tables.
>
>The index of the sending message table is the MD5 hash of the sender's
>address. The table entry the index points to is the sender's anonymous
>ID, encrypted by a symmetric algorithm (maybe IDEA). The encryption key
>would be a different hash, by another algorithm (let's suppose it's
>SHA), of that same address.
>
>...
>
>The receiving message hash table is designed similarly, in reverse. The
>index of the hash table is the MD5 hash of the anonymous ID; the entry
>in the table is the recipient's email address, encrypted with the SHA
>hash of the anonymous ID...
Assuming you have obtained the address database, it seems to me that this
scheme is subject to known address attacks:
(1) If you want to find out what newbie@slowresponse.com's anon ID is, you
just look it up.
(2) If you want to find out the real email addresses of all the users, you
test all the anon-ids with the reverse lookup table. This attack could be
defeated by using sufficiently long random anon-ids. If we assume 5 bits
of information/character, a 96 bit anon-id (sufficient to preclude
exhaustive search attacks) would require 19 character anon-ids.
Regards - Bill
------------------------------------------------------------------------
Bill Frantz | The CDA means | Periwinkle -- Computer Consulting
(408)356-8506 | lost jobs and | 16345 Englewood Ave.
frantz@netcom.com | dead teenagers | Los Gatos, CA 95032, USA
Thread
Return to April 1996
Return to “frantz@netcom.com (Bill Frantz)”
1996-04-27 (Sat, 27 Apr 1996 13:21:17 +0800) - Re: An idea for refining penet-style anonymous servers - frantz@netcom.com (Bill Frantz)