Re: REMAIL: Cover traffic

[jim@bilbo.suite.com (Jim Miller)]

jdblair writes:

> Jim Miller writes,
>
> > All inbound messages to a remailer from a non-remailer
> > address would be considered a "use" of that remailer.  A
> > remailer would maintain a list of the addresses of
> > "users" and would occasionally send bogus messages to a
> > randomly selected entry from its user list.  Inclusion
> > into the list would be automatic.  The list would be a
> > large, but fixed sized FIFO, with old entries dropping
> > off the end automatically.
> > 

> > 

> 

> However, there would be a record of addresses which
> anonymous mail had been sent to- probably not a good idea. 

> Julf's anonymizer has such a record, but I thought part of
> the idea of the cypherpunk remailers was to eliminate
> these records. 

> 


I assume the bad guys can generate their own record of remailer usage.   
The record could include the addresses used to send messages to remailers  
and the addresses receiving messages from remailers.  They can record when
a message enters the system from the outside, and they can record when a  
message leaves the system.

Given they can know all this by just monitoring the remailer system, then  
there is no reason why the remailers can't also use some of this  
information.  


Besides, the "user list" maintained by a remailer only needs to contain  
the non-remailer addresses used to send messages to the remailer.  It does  
not need to contain any time information or information about the messages  
passing through the remailer.  It also doesn't need to contain destination  
addresses.

Jim_Miller@suite.com



P.S.  After sending my previous message I realized the proposed mechanism  
still doesn't help Hal Finney's degenerate case where there is only one  
sender and one receiver, but I've come to believe it is not necessary to  
solve for that case.