1997-06-25 - Re: Anonymous browsing (was Re: Getting Back to our Radical Roots)

Header Data

From: Jeremey Barrett <jeremey@bluemoney.com>
To: cypherpunks@cyberpass.net
Message Hash: 5bae825ed3280f6bf4a239015dbb46ec3abad10dcde6f45c895ea3b27484b683
Message ID: <>
Reply To: <>
UTC Datetime: 1997-06-25 22:43:34 UTC
Raw Date: Thu, 26 Jun 1997 06:43:34 +0800

Raw message

From: Jeremey Barrett <jeremey@bluemoney.com>
Date: Thu, 26 Jun 1997 06:43:34 +0800
To: cypherpunks@cyberpass.net
Subject: Re: Anonymous browsing (was Re: Getting Back to our Radical Roots)
In-Reply-To: <>
Message-ID: <>
MIME-Version: 1.0
Content-Type: text/plain


At 04:23 PM 6/25/97 -0400, tzeruch@ceddec.com wrote:
>On Fri, 20 Jun 1997, Jeremey Barrett wrote:
>> The question is what's the threat model. If the goal is to prevent the
>> server from identifying the client given limited resources, then
>> www.anonymizer.com or similar is sufficient. However, the real problem
>> is preventing an entity with unlimited resources and control over most
>> of the nodes in the anonymous network from conducting successful traffic
>> analysis. This is an entirely different and very difficult problem.
>Having got the latest Applied Cryptography, it looks like it would be
>possible to set up a series of servers on the "Dining Cryptographers at a
>Disco" model.  It would require a constant flow, probably something like
>token ring, so couldn't be used for high bandwidth applications, but it
>completely nukes traffic analysis.

You'll have a secure black box then. Everything in the black box
is secure, but the real information comes from watching what goes
in one side and out the other. Unless there is an astronomical amount 
of traffic, it will be fairly obvious who's doing what.

After all, knowing who did what is the goal of traffic analysis, usually 
not what route they took in between.

The trick is to design a system where an eavesdropper can't correlate
a connection into the anonymous network to one coming out. Such a system will 

almost certainly involve some sort of "personal proxy" running on your own 
machine. It might maintain a constant bandwidth to the anonymous network, but 

that's sub-optimal since most people like their bandwidth for other things.


Version: PGP for Personal Privacy 5.0
Charset: noconv


Jeremey Barrett                                BlueMoney Software Corp.
Crypto, Ecash, Commerce Systems               http://www.bluemoney.com/
PGP key fingerprint =  3B 42 1E D4 4B 17 0D 80  DC 59 6F 59 04 C3 83 64