1997-05-16 - Re: Anonymous Remailers

Header Data

From: Adam Back <aba@dcs.ex.ac.uk>
To: kent@songbird.com
Message Hash: e754d0edea52ce0433acece1b1ec843aa2645582cca0d25dff618fb4f7e5623f
Message ID: <199705160927.KAA01424@server.test.net>
Reply To: <19970515192926.34411@bywater.songbird.com>
UTC Datetime: 1997-05-16 14:47:17 UTC
Raw Date: Fri, 16 May 1997 22:47:17 +0800

Raw message

From: Adam Back <aba@dcs.ex.ac.uk>
Date: Fri, 16 May 1997 22:47:17 +0800
To: kent@songbird.com
Subject: Re: Anonymous Remailers
In-Reply-To: <19970515192926.34411@bywater.songbird.com>
Message-ID: <199705160927.KAA01424@server.test.net>
MIME-Version: 1.0
Content-Type: text/plain

Kent Crispin <kent@songbird.com> writes:
> [about remailers]
> Hmm.  I did read, and I thought I understood this.  I claim that if
> the remailers collude, then there in no anonymity.  Correct? Even if I
> insert my own remailer in the list it doesn't help, if the others are
> all in cahoots.  This seems pretty obvious.  They all compare logs, 
> and saved copies of the messages, and my message can be tracked from 
> beginning to end.  Right?

Not entirely.

If other people use your remailer also, and you have latency, they'll
see n messages going into your remailer, and n come out.  There will
be log2(n) entropy added, they won't know which of those are from you
and which from the other users.

Flooding attacks might make the situation worse, say you wonder if all
of the messages apart from your own are from the attackers, and that
the purpose of these messages is to flush your message out of the
mixing pool.

Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/

print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>