1997-09-25 - Re: Remailer Attack

Header Data

From: Tim May <tcmay@got.net>
To: cypherpunks@cyberpass.net
Message Hash: 93434995d9ccbe313ee6d409b0357b4d4df7b455b5cf7fbcf56d9df1a9151477
Message ID: <v03102801b050a29e2f1f@[]>
Reply To: <199709252158.XAA21054@basement.replay.com>
UTC Datetime: 1997-09-25 23:47:17 UTC
Raw Date: Fri, 26 Sep 1997 07:47:17 +0800

Raw message

From: Tim May <tcmay@got.net>
Date: Fri, 26 Sep 1997 07:47:17 +0800
To: cypherpunks@cyberpass.net
Subject: Re: Remailer Attack
In-Reply-To: <199709252158.XAA21054@basement.replay.com>
Message-ID: <v03102801b050a29e2f1f@[]>
MIME-Version: 1.0
Content-Type: text/plain

At 2:58 PM -0700 9/25/97, Anonymous wrote:

>The remailers should all have about the same latency.  0 seconds seems
>like a good Schelling point.  What would it take to reduce remailer
>latency to under 60 seconds for most of the remailers?  Do people need
>old 486s to dedicate to the task?  Do they need money?  Better
>If you operate a remailer, please tell us what you need to make it
>really work well.  Perhaps the rest of us can help make it happen.

Think about a zero latency. How would mixing then occur? How would the
mapping between incoming and outcoming messages be obscured?

Latency, per se, is of course not the key issue. Mixing is. If a remailer
site gets an average of 10 messages per minute, and a mixing of 10 is
desired, then the average time delay could be as short as 1 minute. If a
remailer gets only a handful of messages over several hours, then the
latency cannot safely be made shorter than a few hours.

The math is straightforward.

As to what is needed to generally improve the remailers, this has been
discussed many times. Cf. my Cyphernomicon for some thoughts, c. 1994,
which actually haven't changed much.

Generally, a bunch of things would be nice to have:

* throwaway accounts, and yet with some robustness or reputation capital
backing them

* increased traffic at all levels

* a profit motive for remailers, using "digital postage" (though this may
work against the second point, having more traffic)

* more chaining tools for average users (on Windows and Macintosh machines,
using standard mailers)

* more analysis of the weaknesses of remailer networks, looking at
correlations that can be made, spoofing methods, etc.

* and so on

--Tim May

The Feds have shown their hand: they want a ban on domestic cryptography
Timothy C. May              | Crypto Anarchy: encryption, digital money,
ComSec 3DES:   408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^1398269     | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."