[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: How can you protect a remailer's keys?
The best solution I could come up with (and was willing to write and use)
is to specify the passphrase on the command line argument to the compiler
make solaris -DPASS="foozooblue"
-Lance
At 11:55 PM 6/1/96, Bill Stewart wrote:
>Encryption is critical for protecting against traffic analysis,
>but it's tough to protect a remailer's keys. Unlike regular email,
>where you can type the key in as you read it, remailers need to
>run automatically once you set them up. Some of the choices are:
>- leave it around in plaintext with only Unix file protections
> (Ghio2 works this way - does Mixmaster? My ghio2 version has it
> compiled into the binary, and I try to delete it from source.)
>- type it in to a long-running remailer process
> (with human intervention to start)
>- SSL-based remailers, where the web server handles crypto on
> a per-machine basis instead of per-remailer
>- use unauthenticated Diffie-Hellman (either hanging off
> a TCP port somewhere instead of mail, or
> 3 pieces of email)
>- off-line or off-site remailer such as a POP3 winsock remailer
> that makes it Somebody Else's Problem, and separates
> the remailer's public interface from the working parts
>- human intervention on every message (which may not be totally
> worthless for moderated news postings, if you want to
> take that approach to spam prevention.)
>
>Anybody have any other approaches? These are mostly weak,
>annoying, or both.
>
>
># Thanks; Bill
># Bill Stewart +1-415-442-2215 [email protected]
># http://www.idiom.com/~wcs
># Rescind Authority!
----------------------------------------------------------
Lance Cottrell [email protected]
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://www.obscura.com/~loki/Welcome.html or FTP to obscura.com
"Love is a snowmobile racing across the tundra. Suddenly
it flips over, pinning you underneath. At night the ice
weasels come."
--Nietzsche
----------------------------------------------------------