Re: Remailer ideas

[John Douceur <johndo@microsoft.com>]

-----BEGIN PGP SIGNED MESSAGE-----

>From: Rick Busdiecker  <rfb@lehman.com>
>Date: Tuesday, August 09, 1994 12:54AM

>    It may thus be quite reasonable to build in a hard cutoff in
>    service time . . . since the extreme delay which triggers the
>    expedited transmission is an unpredictable and infrequent event

>This is not a safe assumption.  Check out the stats for ghio@kaiwan.com.

The context of my above assertion was a hypothetical message-mixing
system proposed by Hal Finney.  Although I must confess that I
haven't examined the statistics that you cited, I do not see their
relevance to this hypothetical system.

Of his own proposal, Hal says, "...it does have one disadvantage,
which is that there is no upper bound on the latency of a
message....  there is a small chance of having very large
latencies....  it might be possible to modify [this system] so
that messages never waited more than some maximum number of hours
without seriously hurting the entropy."

I believe that this is correct.  The message delays introduced by
Hal's proposed system were of exponentially diminishing
probability; thus, linear increases in delay cutoff become
multiplicative decreases in cutoff probability, and it is
therefore easy to set a cutoff value for delay which will occur
with sufficient infrequency as to be useless to the cryptanalyst.

>    it will not make cryptanalysis of the remailer any easier.

>I'm pretty sure that cryptanalysis, per se, is not the question, but
>rather traffic analysis.

By "cryptanalysis," I mean traffic analysis.  Considering the
remailers to be a cryptosystem was suggested recently on this list
by someone (I forget whom).

JD


-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBLkerrEGHwsdH+oN9AQHAjgP+NqSxhzz/N/Wa8y9D5zulPEStYUkZVvpR
+krk8VbMRgcbw8OuMYQLG5VUO5viTrSw1zSEu1Hg7hVfZ1HKq8wgE2F/tOJA6r70
sKXfgXkQWi7Nxkz4pqPQSlpniVxW2G9rc4PK9U5aYIIktDKEzFigcZdcsGu20UJl
sJUlTlmrpn8=
=YvXF
-----END PGP SIGNATURE-----