From: Jim Choate <ravage@ssz.com>
Date: Fri, 3 Oct 1997 12:09:25 +0800
To: cypherpunks@ssz.com (Cypherpunks Distributed Remailer)
Subject: Traffic Analysis (fwd)
Message-ID: <199710030423.XAA29605@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text



Forwarded message:

> Date: Thu, 02 Oct 1997 23:28:10 -0400
> From: "Robert A. Costner" <pooh@efga.org>
> Subject: Traffic Analysis

> I'm curious about traffic analysis capability.  While I don't know the
> exact figures involved, I'd say that Cracker throws away about 10% of the
> messages it receives.  Admittedly, these are probably not encrypted
> messages (I don't know.  Humans do not get to read the messages.)  Does
> this make traffic analysis more difficult?

Why/how does it decide to throw them away? Does the incoming produce cover
traffic even if its thrown away? Traffic analysis generaly does not look at
the contents of the packets, encrypted or not is irrelevant.

I suspect it would lower the estimated ratio of cover traffic if nothing
gets sent out. This would in general lower the cost to analyse the traffic.
I would set it up to send bogus outgoing even if the message was dropped.
That way the analysis would correlate the dropped message to the outgoing
and produce a cover ratio closer to the actual value. Also remember to send
n+1 bogus traffic to make up for the dropped outgoing.

> Or suppose Redneck sent each nym an encrypted message each day, or more
> often?

By 'nym' you mean each subscribed address or to each address used in the
outgoing? I would say it is bad to send to subscribers. It provides
non-covered traffic that identifies your subscribers specificaly (really not
a threat since Mallet already has their original incoming and therefore
their source address) as well as demonstrating that you are keeping long-term
traffic records. The long-term records represent a clear threat to the
security and stability of the remailer. If you send out this cover traffic
regularly then be shure to use some mechanism to select email addresses
randomly or else Mallet will get a list of your bogus addresses and begins
to filter them immediately.

A commercial remailer should not keep records of its use. However, I suspect
that eventualy remailers will be required to keep usage records by law.


    ____________________________________________________________________
   |                                                                    |
   |    The financial policy of the welfare state requires that there   |
   |    be no way for the owners of wealth to protect themselves.       |
   |                                                                    |
   |                                       -Alan Greenspan-             |
   |                                                                    | 
   |            _____                             The Armadillo Group   |
   |         ,::////;::-.                           Austin, Tx. USA     |
   |        /:'///// ``::>/|/                     http:// www.ssz.com/  |
   |      .',  ||||    `/( e\                                           |
   |  -====~~mm-'`-```-mm --'-                         Jim Choate       |
   |                                                 ravage@ssz.com     |
   |                                                  512-451-7087      |
   |____________________________________________________________________|