[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Improvement of remailer security



>Even the current pgp encryption scheme offered by some remailers
>doesn't help much, once the incoming and outgoing messages are known:
>just take the outgoing message from the remailer, encrypt it with the
>remailer's public key, compare this to the incoming messages and you
>know who sent this message (repeat if a chain of remailers was used).

This is incorrect. The message is not encrypted with the public key. It is
encrypted with an IDEA key which is encrypted with the remailers public
key. Since the remailer does not forward that key (obviously), this attack
is not possible.

--------------------------------------------------
Lance Cottrell  who does not speak for CASS/UCSD
[email protected]
PGP 2.3 key available by finger or server.

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche