1996-06-08 - Re: Multiple Remailers at a site?

Header Data

From: loki@obscura.com (Lance Cottrell)
To: Scott Brickner <nelson@crynwr.com
Message Hash: 461ce0013335d87b2588926b57ececa660a61a226b2ec69eed6fe73c0e45e1f0
Message ID: <added28f0302100472cc@[206.170.115.3]>
Reply To: N/A
UTC Datetime: 1996-06-08 11:27:47 UTC
Raw Date: Sat, 8 Jun 1996 19:27:47 +0800

Raw message

From: loki@obscura.com (Lance Cottrell)
Date: Sat, 8 Jun 1996 19:27:47 +0800
To: Scott Brickner <nelson@crynwr.com
Subject: Re: Multiple Remailers at a site?
Message-ID: <added28f0302100472cc@[206.170.115.3]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:16 PM 6/6/96, Scott Brickner wrote:
<SNIP>
>The discussion was about multiple remailers from multiple accounts on
>the same machine.  The very existence of the remailer, independent of
>issues like shuffling and chaining, is supposed to eliminate
>identifying the originator by the content of the message.  Message
>shuffling, delays, and chaining are entirely for the purpose of
>reducing the information available to the traffic analyst.  If several
>remailers are running on the same machine, they may be treated as if
>there were only one remailer, for the purpose of traffic analysis.
>Getting more traffic going through them just makes the analysts job
>easier, because his statistical conclusions are stronger.
         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

I don't think I am following you. My messages are a constant size signal (I
send N messages through the remailer). More traffic increases the
background signal and background noise. While the signal to noise of the
background gets better, the actual amount of noise went up so the ratio of
MY signal to the background noise went down. Perhaps I don't understand
what you are saying.

I think multiple remailers on a machine are less effective than a single
remailer with the combined traffic of all the individual remailers, because
the combined remailer does better reordering from a larger pool.

If the remailer chain contains just two or more uncompromised hops (not
necessarily consecutive) I suspect an attacker will be forced to treat the
remailer bramble as a single object. This attack is based on time
correlations of messages sent and received. In this case background traffic
is good because of the large number of false correlations it generates.
However, it is stunning how few messages it takes to make the correlation
stand out. The defense against this attack is to ensure that you send and
receive enough remailer mail to correlate with all other users for all
messages. Producing cover traffic, some of which returns to you, and some
of which is bit bucketed also ensures that it will not be known when you
receive a real message (as opposed to one of your own). Obviously this is
best done when you are a remailer operator yourself.

        -Lance (who will now dismount the soap box)

----------------------------------------------------------
Lance Cottrell   loki@obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://www.obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------







Thread