Instructions for using nym.alias.net
WARNING: This site is still in "alpha" state, and may have
bugs. Please test it, but do not rely on it for truly
sensitive pseudonyms until it has been tested for a while.
Please report all bugs and problems to <[email protected]>
so that we can fix them.
* SETTING UP A MAIL ALIAS:
To set up an anonymous mail alias on nym.alias.net, you must first
generate a new PGP public/private key pair for use with your mail
alias. Do this by running "pgp -kg". You will be asked to choose a
user-id for your new key. When you are prompted for the user-id, type
something not very descriptive that gives no indication of either your
real identity, the alias name you will choose, or even the
nym.alias.net machine.
Unlike your regular PGP key, you should make an effort to keep your
remailer public key relatively secret, and you should not use it for
any other purpose. Do not sign it, and do not submit it to any key
servers or give it out to anyone. To make sure you don't accidentally
sign other messages with your pseudonym's private key, you should
probably choose a new passphrase for your remailer key. You may also
wish to put a line like:
MYNAME = <[email protected]>
in the file $HOME/.pgp/config.txt (which you can create if it
does not already exist).
Once you have a PGP key for your pseudonym, extract it to a file (for
instance with "pgp -fkxa 'key ID' > tmpfile").
Next, create a reply block for yourself. First choose some
passphrases for conventional encryption. Suppose you want your
message encrypted first with your public key, then with shared key
"passphrase_b", then with shared key "passphrase_a". Create a
remailer message like this ("Latent-Time: +0:00" will prevent any
delay--use something longer for more security.)
::
Request-Remailing-To: [email protected]
Latent-Time: +0:00
Encrypt-Key: passphrase_a
**
PGP encrypt this with a remailer's public key (you can get remailer
information from fingering [email protected], and you
can get the keys by running "finger [email protected] | pgp
-fka"). This will yield a message like this:
-----BEGIN PGP MESSAGE-----
Version: 2.6.2
hIwC/nqSW1QDQfUBBACknZMV93wFS2CH0orlgslmEm+alhjI1eKwbbTTmeRWC5Rg
/S3vZw+95ZuCZfqxKE0XrgZXzOEwfoyBcpVvf9Pb9D19TqEMTmmL/Jpl1xcxmbJ2
OGsHpQ/TxpazBCVhdBmPblj5wWvwfG1+ZKpIkQ5hiLJhryQM/TUDarEscs3zdaYA
AAB5231aMcQ74AKoDZizABMF3Tw+olV4mm4jVo9cMn2B3Rj2XBFl4pV9VL3h0ZQB
cPY/ytBRyZPugr0NpLgjO+q6mEjCcgQrxpYQ+1PvFPdDx1GmJ5ogZqW+AVHsNqAp
vRoiG8ZhXs4r3E8liFsNtMMf6CUAsdV2ZoX1Hw==
=Bla3
-----END PGP MESSAGE-----
Prepend to this the following header:
::
Encrypted: PGP
And finally add a command to send to the remailer you chose, yielding
a response block for one remailer:
::
Anon-To: [email protected]
Latent-Time: +0:00
Encrypt-Key: passphrase_b
::
Encrypted: PGP
-----BEGIN PGP MESSAGE-----
Version: 2.6.2
hIwC/nqSW1QDQfUBBACknZMV93wFS2CH0orlgslmEm+alhjI1eKwbbTTmeRWC5Rg
/S3vZw+95ZuCZfqxKE0XrgZXzOEwfoyBcpVvf9Pb9D19TqEMTmmL/Jpl1xcxmbJ2
OGsHpQ/TxpazBCVhdBmPblj5wWvwfG1+ZKpIkQ5hiLJhryQM/TUDarEscs3zdaYA
AAB5231aMcQ74AKoDZizABMF3Tw+olV4mm4jVo9cMn2B3Rj2XBFl4pV9VL3h0ZQB
cPY/ytBRyZPugr0NpLgjO+q6mEjCcgQrxpYQ+1PvFPdDx1GmJ5ogZqW+AVHsNqAp
vRoiG8ZhXs4r3E8liFsNtMMf6CUAsdV2ZoX1Hw==
=Bla3
-----END PGP MESSAGE-----
**
For greater security, you should repeat this process so that mail to
your pseudonym travels through multiple remailers. You can simply
encrypt the entire above message with another remailer's public key
and insert the new ciphertext in a message like the example one
above. Each hop then sees only the hop before it and the address of
the next one.
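The layering described above, run end to end, as an added example that is not code from the nym.alias.net help file or its software. It is a Python model of one remailer hop under the Cypherpunk-remailer conventions the reply block relies on: an "Encrypted: PGP" block makes the hop decrypt the ciphertext addressed to it and splice the plaintext back in, and "Encrypt-Key:" makes it conventionally encrypt everything after the "**" line before forwarding. The cipher is a toy SHA-256 keystream XOR standing in for both pgp public-key and conventional encryption so that it runs offline; the remailer addresses, key strings and passphrases are made up. Which hop applies which layer, and hence the order the owner must peel them in, falls out of the simulation instead of being stated.

```python
import base64
import hashlib

BEGIN = "-----BEGIN TOY MESSAGE-----"
END = "-----END TOY MESSAGE-----"


def toy_crypt(key: str, data: bytes) -> bytes:
    """XOR with a SHA-256 counter keystream: symmetric, NOT secure, a toy
    stand-in for pgp so the layering can be run offline."""
    out = bytearray()
    for off in range(0, len(data), 32):
        stream = hashlib.sha256(f"{key}|{off}".encode()).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], stream))
    return bytes(out)


def encrypt(key: str, text: str) -> str:
    return "\n".join([BEGIN, base64.b64encode(toy_crypt(key, text.encode())).decode(), END])


def decrypt(key: str, armored: str) -> str:
    lines = armored.strip().split("\n")
    if lines[0] != BEGIN or lines[-1] != END:
        raise ValueError("not an armored block")
    return toy_crypt(key, base64.b64decode("".join(lines[1:-1]))).decode()


def inner_block(final_dest: str, passphrase: str) -> str:
    """Innermost block: the last remailer encrypts with `passphrase` and
    delivers to `final_dest`. Encrypt-Key applies to what follows '**'."""
    return (f"::\nRequest-Remailing-To: {final_dest}\nLatent-Time: +0:00\n"
            f"Encrypt-Key: {passphrase}\n**\n")


def wrap(block: str, remailer: str, remailer_key: str, passphrase: str) -> str:
    """Encrypt `block` to `remailer` and put an Anon-To block around it; the
    hop that processes the outer block learns only `remailer` and `passphrase`."""
    return (f"::\nAnon-To: {remailer}\nLatent-Time: +0:00\nEncrypt-Key: {passphrase}\n"
            f"::\nEncrypted: PGP\n{encrypt(remailer_key, block)}\n**\n")


def parse_header_block(message: str):
    lines = message.split("\n")
    if lines[0] != "::":
        raise ValueError("remailer block must start with '::'")
    headers, i = {}, 1
    while i < len(lines) and lines[i] not in ("::", "**", "", BEGIN):
        key, _, value = lines[i].partition(": ")
        headers[key] = value
        i += 1
    return headers, "\n".join(lines[i:])


def process_hop(hop: str, keys: dict, message: str):
    """One hop's processing: decrypt a block addressed to it if present, then
    forward, encrypting everything after the '**' line with Encrypt-Key.
    Returns (next_address, outgoing_message, passphrase_applied)."""
    headers, rest = parse_header_block(message)
    lines = rest.split("\n")
    if headers.get("Encrypted") == "PGP":
        end = lines.index(END)
        plain = decrypt(keys[hop], "\n".join(lines[:end + 1]))
        return process_hop(hop, keys, plain + "\n".join(lines[end + 1:]))
    dest = headers.get("Anon-To") or headers["Request-Remailing-To"]
    cut = lines.index("**")
    body, key = "\n".join(lines[cut + 1:]), headers.get("Encrypt-Key")
    if key:
        body = encrypt(key, body)
    return dest, "\n".join(lines[:cut] + [body]), key


def deliver(reply_block: str, message: str, owner_pubkey: str, keys: dict):
    """Run a message from the nym server down the chain. Returns what the
    final address receives, what each hop saw, and the layers applied."""
    current = reply_block + encrypt(owner_pubkey, message)   # the +cryptrecv step
    layers, route, hop = [owner_pubkey], [], "nym.alias.net"
    while True:
        dest, current, key = process_hop(hop, keys, current)
        route.append((hop, dest))
        if key:
            layers.append(key)
        if dest not in keys:            # not a modelled remailer: final delivery
            return current, route, layers
        hop = dest


def unwrap(ciphertext: str, layers: list) -> str:
    """The owner's side: peel the layers in reverse order of application."""
    for key in reversed(layers):
        ciphertext = decrypt(key, ciphertext)
    return ciphertext


def demo():
    # Constructed remailers and keys; a toy key is just a string shared by
    # encrypt/decrypt, standing in for a remailer's public/private key pair.
    keys = {"remailer-a@example.org": "key-a", "remailer-b@example.org": "key-b"}
    block = inner_block("owner-drop@example.net", "passphrase_a")
    block = wrap(block, "remailer-a@example.org", "key-a", "passphrase_b")
    block = wrap(block, "remailer-b@example.org", "key-b", "passphrase_c")
    return deliver(block, "Subject: hello nym\n\nmail to the alias\n", "owner-pubkey", keys)


if __name__ == "__main__":
    final, route, layers = demo()
    print(route, layers, unwrap(final, layers), sep="\n")
```

Running it prints the route (nym server to remailer-b, remailer-b to remailer-a, remailer-a to the drop address) and the layer list owner-pubkey, passphrase_c, passphrase_b, passphrase_a: the nym server applies the outermost passphrase and the last remailer the innermost one, so the owner decrypts with passphrase_a first and the private key last, which is the order the text gives for the one-remailer case.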
Now, to set up a pseudonym on nym.alias.net, you need to mail four
things to [email protected]: the pseudonym you wish to use, a
"create" command, your remailer public key, and the reply block.
The reply block must always come last in your mail message. Thus, if
you wanted to choose the alias <[email protected]>, you could compose a
message like this:
Config:
From: [email protected]
Nym-Commands: create +acksend name="Full Name of Nym Test User"
Public-Key:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2
mQCNAzGf6A8AAAEEAPknqWEUA8U4+l5TFkD5Fj0COten6bbIe5bBb/1MvI+w6mFl
z06CPb2K/Z1fzjT48ZyxwYR+S3jU3Z96JEFRl99HYh3lTIUiBHW/XtwyefF0y61x
qYkNuUpSFh9BDBFM7N3uVvaNbzLiFnqCpZLm5ZIfrLcla3qUgkTBtHVi58fRAAUR
tDhsY3MgbWl4bWFzdGVyIGFkbWluaXN0cmF0b3IgPG1peC1hZG1pbkBhbm9uLmxj
cy5taXQuZWRxPokAlQMFEDGf6ClEwbR1YufH0QEBX60D/jZ5MFRFIFA1VxTPD5Zj
Xw2bvqJqFvlwLD5SSHCVfe/ka6ALuxZGFKD/pHpUAkfv1hWqAYsJpi0cf8HSdi23
bh5dUeLJnHHHDmd9d55MuNYI6WTi+2YoaiJOZT3C70oOuzVXuELZ+nZwV20yxe8y
4M3b0Xjt9kq2upbCNuHZmQP+
=jIEc
-----END PGP PUBLIC KEY BLOCK-----
Reply-Block:
::
Anon-To: [email protected]
Latent-Time: +0:00
Encrypt-Key: passphrase_b
::
Encrypted: PGP
-----BEGIN PGP MESSAGE-----
Version: 2.6.2
hIwC/nqSW1QDQfUBBACknZMV93wFS2CH0orlgslmEm+alhjI1eKwbbTTmeRWC5Rg
/S3vZw+95ZuCZfqxKE0XrgZXzOEwfoyBcpVvf9Pb9D19TqEMTmmL/Jpl1xcxmbJ2
OGsHpQ/TxpazBCVhdBmPblj5wWvwfG1+ZKpIkQ5hiLJhryQM/TUDarEscs3zdaYA
AAB5231aMcQ74AKoDZizABMF3Tw+olV4mm4jVo9cMn2B3Rj2XBFl4pV9VL3h0ZQB
cPY/ytBRyZPugr0NpLgjO+q6mEjCcgQrxpYQ+1PvFPdDx1GmJ5ogZqW+AVHsNqAp
vRoiG8ZhXs4r3E8liFsNtMMf6CUAsdV2ZoX1Hw==
=Bla3
-----END PGP MESSAGE-----
Note that the first line of this message was "Config:". ANY MESSAGE
SENT TO <[email protected]> WILL BE SILENTLY DISCARDED IF THE FIRST
LINE IS NOT "Config:"!
This message must then be encrypted with the nym.alias.net public key
and signed with your new remailer key. The nym.alias.net public
key is listed here (pipe it to "pgp -fka" to add it to your public
key ring):
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2
mQENAzGzy5AAAAEH/2JjaB4AuQff90Mejru+FVptG4/wPmwK7WteavNXJpYxWoRm
SzxwNz70q4QCLKBR0QnzXqGeGtCB5IE4dIuPIkMiPvRv57rBaDe4qkzNkgwuZiH9
qGMsOSidCf+xaIJyL7RtljKuDSU8KH2OGIdwEpGa20U+9oXabWCpWwVvfJhgxPFF
xhiFLeMzhEUgsVXxIn2ThD8AyHyTUXWd11nvvTeKt+y9qX+7fUDrn6HIl1lFmxQA
RAOc83jjDNgWbanHWG9+1g8KFLkBrEdxJtNQeb/JMSZ122Dxda5CwtMnQGI0mCcr
dHNr1NA6WWaIfV0pR+sluNWFxNYuTk0OFgtg8c0ABRG0Kzxjb25maWdAbnltLmFs
aWFzLm5ldD4vPHNlbmRAbnltLmFsaWFzLm5ldD6JAJUDBRAxumL3RMG0dWLnx9EB
AaRTA/4xIgNrem7Yay0/rFfXgoGHUhWsZVhAlQP1fVEIRYuYEC4Biodwx3nYL31r
9IcgBkm/DUddkfCUfroMr7wbm6GnYnrVLc4dZ9ACCjUVX7n5hvanc8/Efx0yE03l
D+r9n5liz5X4vk65f+DIw1LykM9zTg/4GNwAENn6H5YTtg6Q+IkBFQMFEDG6YVlO
TQ4WC2DxzQEBIvMH/jER9tiQcJG2NvkiOqcIeBSPLb15EPFMg1He3clRIz398ToH
iv4oNKZEjVox3O0zowcUW0zfgtzhlMbudOwgoylCpCxVukuF1tsleoGlvDES0iA8
WdnYftt/rr3awf0j2pmLFbCmEDFaebuYgRXGe5yavaSjFDPzjFZqKwTYs5VnKOjP
XjI0yrem4PXw6K5sOANJKaa6yFrHJ/58iqbV8Rl7p0qNwwIi1nDn5UgpDOFDqWMq
sO9HUjRD2Y+Kmq6qlSg1gKV1hehZuAxHKtJAIZf+MPaI/sRbs79oN5GVwpmqoiZF
vz6bLS+qs69kVwg2RQoY2BSAzyUeT+rw70YfLAc=
=ekCY
-----END PGP PUBLIC KEY BLOCK-----
Create the message to nym.alias.net with the command:
pgp -seat file [email protected] -u 'remailer key ID'
Once you have produced a PGP encrypted and signed message, mail it to
<[email protected]> (preferably through some anonymous remailers
for maximum security). If the name you chose is available, this will
create your mail alias. You can send mail to <[email protected]> to
get a list of pseudonyms already in use.
* SENDING MAIL FROM YOUR PSEUDONYM
Once you have created a mail alias, you will automatically receive
mail sent to that alias (encrypted with the public key you mailed it).
To send mail from that alias, simply create a mail message, encrypt it
with the nym.alias.net public key, sign it with your remailer key, and
mail it to <[email protected]>. Thus, for example, create a file
with (substituting the name you chose for "test"):
From: test
To: [email protected]
Newsgroups: alt.test
Subject: ignore this nym test
just a test
If this file is called "testpost", and your remailer public key ID is
"xx testkey", run the command:
pgp -seat testpost [email protected] -u 'xx testkey'
This will create a file called "testpost.asc", which you can then mail
to <[email protected]> to post the above test message to the
newsgroup alt.test.
Any mail you send through [email protected] will be PGP signed and
dated by the nym.alias.net private key to certify its authenticity.
If you do not wish your mail to be signed, or if your alias has its
own PGP key, you should simply send mail through ordinary remailers
(setting the From: address to be that of your nym) and shouldn't need
to go through [email protected].
* CHANGING OR DELETING YOUR MAIL ALIAS
To change your public key, your reply block, or the parameters
of your alias, you can simply send another message to
<[email protected]> as you did to set up the alias initially
(only without the "Nym-Commands: create" command). Once again, the
message will have to be both signed and encrypted with
pgp -seat message -u 'xx testkey'
as described above for sending mail.
To delete your alias entirely, send encrypted and signed mail with
simply the lines:
From: test
Nym-Commands: delete
(substituting your real alias name for test). After deleting your
alias, you should receive PGP-signed mail explicitly acknowledging the
deletion of that alias. An acknowledgment simply confirming generic
"successful execution" of your request does not indicate that your
alias has been deleted.
There are several commands you can give using the "Nym-Commands:" header
in a message to <[email protected]>. You can place several on one
line, separated by spaces, or you can place multiple "Nym-Commands:"
headers in the same message. Valid commands are:
+acksend/-acksend
Enable/disable an automatic acknowledgment each time a message is
successfully remailed for your alias through <[email protected]>.
+cryptrecv/-cryptrecv
Enable/disable automatic encryption with your public key of messages
received for your alias. If public-key encryption is disabled, you
absolutely must conventionally encrypt your messages if you wish to
preserve your privacy (conventional is a good idea anyway--see the
section on security).
+fixedsize/-fixedsize
When you send the +fixedsize Nym-Command, all messages you receive
will be padded to exactly the same size (roughly 10K). This padding
takes place outside the public-key encryption, and so is only
useful if you also use shared-key encryption. If you do use
shared-key encryption, however (and you really should), having all
your messages be the same size makes it significantly harder for
anyone to do traffic analysis on mail to your nym.
+disable/-disable
One of the most effective forms of attack on a pseudonymous remailer
such as this is to flood the system with messages for a particular
destination. Moreover, because this alias software does not know a
message's final destination, it is possible that some joker could
point an alias at itself (maybe even using two reply-blocks to
create exponentially increasing levels of traffic). To protect
against this, if you receive more than 256 messages in one day, your
alias will be disabled and further mail to you will bounce. You
will receive mail notifying you of the situation if this happens to
you. At this point, you can re-enable your alias by sending a
message with "Nym-Commands: -disable" to <[email protected]>.
name="My \"Alias\" Name"
To set up a name to be printed in all your outgoing messages, like
this:
From: My "Alias" Name <[email protected]>
You can set it with the name= Nym-Command. Note the outer quotes
are necessary even if your name does not contain any white space.
Any quotes and backslashes in your name must be escaped with a
backslash.
create
This command must be given when creating a new alias.
delete
This command deletes your alias and wipes your response block. As
described above, you should receive PGP-signed mail explicitly
acknowledging the deletion of your alias. An acknowledgment simply
confirming generic "successful execution" of your request does not
indicate that your alias has been deleted.
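A parser for the signed plaintext of a message to config, written to the rules this file gives: the "Config:" first line, Nym-Commands: tokens with +/- flags and the quoted, backslash-escaped name=, a Public-Key: block, and Reply-Block: sections that must come after everything else. This is an added example, not the server's own code, and the real server's parsing may differ in details the text does not cover; whatever follows "Reply-Block:" on its line is kept verbatim as that block's options. The sample message is constructed, with the key material omitted.

```python
FLAGS = ("acksend", "cryptrecv", "fixedsize", "disable")
PUBKEY_END = "-----END PGP PUBLIC KEY BLOCK-----"


def split_nym_commands(value: str) -> list:
    """Split one Nym-Commands: value on spaces, keeping a quoted name="..."
    (which may contain spaces and backslash-escaped quotes) as one token."""
    tokens, i, n = [], 0, len(value)
    while i < n:
        if value[i] == " ":
            i += 1
            continue
        start = i
        while i < n and value[i] != " ":
            if value[i] == '"':                   # skip to the closing quote
                i += 1
                while i < n and value[i] != '"':
                    i += 2 if value[i] == "\\" else 1
            i += 1
        tokens.append(value[start:i])
    return tokens


def unescape_name(raw: str) -> str:
    """Undo the backslash escaping the text requires for quotes and backslashes."""
    out, i = [], 0
    while i < len(raw):
        if raw[i] == "\\":
            if i + 1 == len(raw):
                raise ValueError("name ends with a dangling backslash")
            out.append(raw[i + 1])
            i += 2
        else:
            out.append(raw[i])
            i += 1
    return "".join(out)


def apply_command(token: str, cfg: dict) -> None:
    if token in ("create", "delete"):
        cfg["commands"].append(token)
    elif token[:1] in "+-" and token[1:] in FLAGS:
        cfg["flags"][token[1:]] = token.startswith("+")
    elif token.startswith('name="') and token.endswith('"') and len(token) > 6:
        cfg["name"] = unescape_name(token[6:-1])
    else:
        raise ValueError(f"unknown Nym-Command: {token!r}")


def parse_config_message(text: str) -> dict:
    """Parse the signed plaintext of a message to config. Raises ValueError on
    anything the help file says the server would reject or silently drop."""
    lines = text.split("\n")
    if not lines or lines[0] != "Config:":
        raise ValueError('first line must be "Config:"; the server silently drops the message')
    cfg = {"from": None, "commands": [], "flags": {}, "name": None,
           "public_key": None, "reply_blocks": []}
    i = 1
    while i < len(lines) and not lines[i].startswith("Reply-Block:"):
        line = lines[i]
        if line.startswith("From:"):
            cfg["from"] = line[5:].strip()
        elif line.startswith("Nym-Commands:"):
            for token in split_nym_commands(line[13:].strip()):
                apply_command(token, cfg)
        elif line.startswith("Public-Key:"):          # armored key follows
            j = i + 1
            while j < len(lines) and lines[j] != PUBKEY_END:
                j += 1
            if j == len(lines):
                raise ValueError("Public-Key: block is not terminated")
            cfg["public_key"] = "\n".join(lines[i + 1:j + 1])
            i = j
        elif line.strip():
            raise ValueError(f"unexpected line before the reply blocks: {line!r}")
        i += 1
    while i < len(lines):                             # Reply-Block: sections run to the end
        options = lines[i][12:].strip()
        j = i + 1
        while j < len(lines) and not lines[j].startswith("Reply-Block:"):
            if lines[j].startswith(("Nym-Commands:", "Public-Key:")):
                raise ValueError("Nym-Commands: and Public-Key: must precede every Reply-Block:")
            j += 1
        cfg["reply_blocks"].append({"options": options, "body": "\n".join(lines[i + 1:j])})
        i = j
    if "create" in cfg["commands"] and (cfg["public_key"] is None or not cfg["reply_blocks"]):
        raise ValueError("create needs both a Public-Key: and at least one Reply-Block:")
    return cfg


# Constructed sample; the key material is omitted on purpose.
SAMPLE = """Config:
From: test
Nym-Commands: create +acksend name="Full Name of Nym Test User"
Public-Key:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

(key material omitted in this constructed sample)
-----END PGP PUBLIC KEY BLOCK-----
Reply-Block: p=0.5
::
Anon-To: remailer-a@example.org
Latent-Time: +1:00
Reply-Block: q=0.75
::
Anon-To: remailer-c@example.org
Latent-Time: +0:00
"""

if __name__ == "__main__":
    print(parse_config_message(SAMPLE))
```

The tokeniser is the part worth reading: a plain split on spaces would break name="Full Name of Nym Test User" into five tokens, so the quoted value is scanned as a unit and a backslash inside it always consumes the next character, which is exactly what lets name="My \"Alias\" Name" survive.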
* REPLAY
The remailer keeps a replay cache, and will not accept the same
message twice unless each copy has been separately signed. Thus, it
is safe to send multiple copies of outgoing E-mail messages through
very long remailer chains, if you are worried about one copy not
getting through. Whether one or more copies actually make it through,
only one copy will go out.
One side effect of this is, however, that if you PGP sign a test
message and mail in the same message multiple times, it will only work
the first time.
Note that signatures are only considered valid for a week. Thus, if
mail comes to [email protected] more than a week after you signed it,
that mail will be dropped.
* MULTIPLE REPLY BLOCKS
Sometimes anonymous remailers can be unreliable, and you would like to
receive two copies of all your messages through two independent
remailer chains. Alternatively, perhaps you want to send one copy of
each E-mail message you receive to the bit bucket through a long
series of anonymous remailers. You can assign multiple reply blocks
to your nym by prefixing each with "Reply-Block:" at the end of a
message to <[email protected]>. For example, the following message
to <[email protected]>:
Config:
From: test
Reply-Block:
::
Anon-To: [email protected]
Latent-Time: +0:00
Reply-Block:
::
Anon-To: [email protected]
Latent-Time: +1:00
will set up your alias to send one copy of each message you receive to
"[email protected]" immediately, and to send a second copy
to "[email protected]" after up to one hour of random delay. Of
course, for this to be useful, you should use more complex
reply blocks which chain through multiple remailers.
It may also make traffic analysis more difficult if you don't always
use the same remailer path. You can assign a probability to a
remailer block by adding "p=probability" to the remailer block (where
'p' can be any single letter variable name). For example, consider
the following reply-block:
Reply-Block: p=0.5
::
Anon-To: [email protected]
Latent-Time: +1:00
Reply-Block: p=0.5
::
Anon-To: [email protected]
Latent-Time: +1:00
Reply-Block: q=0.75
::
Anon-To: [email protected]
Latent-Time: +0:00
3/4 of the time, a copy of a message you receive will immediately be
mailed to [email protected]. After some random delay, your
message will be mailed to either "[email protected]" or to
"[email protected]". Multiple reply-blocks with the same
probability variable are mutually exclusive. Thus since the p blocks
are "p=0.5" and "p=0.5", and since 0.5 + 0.5 = 1.0, you are guaranteed
to get a copy of all your mail. Generally speaking, you will probably
want all the weights associated with a particular variable to add up
to 1.0 unless the reply-block is just for cover traffic. Bizarre
behavior may occur if your probabilities add up to more than one--this
is not recommended.
While the idea of using many different reply-blocks with small
probabilities may seem appealing for defeating traffic analysis, keep
in mind that each reply block is traceable back to you. Suppose you
have 10 reply blocks for your 'nym, each with probability 0.1. If
those reply blocks become compromised, only one of the 10 will have to
be uncovered to find out your real identity.
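One consistent reading of the probability rules above, as added example code that is not the server's implementation (the text does not describe that beyond the rules themselves): blocks sharing a variable get a single uniform draw per incoming message and at most one of them fires; blocks with no variable always fire; a per-variable total above 1.0 is refused outright instead of producing the "bizarre behavior" the text warns of. The destinations are constructed; the three blocks are the p=0.5, p=0.5, q=0.75 example from this section.

```python
import random
import re
from collections import defaultdict

OPTION_RE = re.compile(r"^([A-Za-z])=(\d*\.?\d+)$")   # one-letter variable, e.g. p=0.5


def parse_options(options: str):
    """'' -> (None, None) for an unconditional block; 'p=0.5' -> ('p', 0.5)."""
    options = options.strip()
    if not options:
        return None, None
    m = OPTION_RE.match(options)
    if not m:
        raise ValueError(f"unrecognised Reply-Block option: {options!r}")
    p = float(m.group(2))
    if not 0.0 <= p <= 1.0:
        raise ValueError(f"probability out of range: {options!r}")
    return m.group(1), p


def weight_totals(blocks) -> dict:
    """Sum of weights per variable. 1.0 means the group always fires exactly one
    block; less means some mail reaches none of them (fine only for cover
    traffic); more is refused by select_blocks."""
    totals = defaultdict(float)
    for options, _ in blocks:
        var, p = parse_options(options)
        if var is not None:
            totals[var] += p
    return dict(totals)


def select_blocks(blocks, rng=random):
    """blocks: list of (options, destination) in the order given to config.
    Unconditional blocks always fire. Blocks sharing a variable are mutually
    exclusive: one uniform draw per variable selects at most one of them."""
    groups, chosen = defaultdict(list), []
    for options, dest in blocks:
        var, p = parse_options(options)
        if var is None:
            chosen.append(dest)
        else:
            groups[var].append((p, dest))
    for var, members in groups.items():
        if sum(p for p, _ in members) > 1.0 + 1e-9:
            raise ValueError(f"weights for variable {var!r} exceed 1.0")
        draw, cumulative = rng.random(), 0.0        # draw lies in [0, 1)
        for p, dest in members:
            cumulative += p                          # weights summing to 1.0 always hit
            if draw < cumulative:
                chosen.append(dest)
                break
    return chosen


def simulate(blocks, n: int, seed: int = 1) -> dict:
    """Count how often each destination fires over n incoming messages."""
    rng = random.Random(seed)
    counts = defaultdict(int)
    for _ in range(n):
        for dest in select_blocks(blocks, rng):
            counts[dest] += 1
    return dict(counts)


# The help file's three-block example, with constructed destinations.
EXAMPLE = [
    ("p=0.5", "remailer-a@example.org"),
    ("p=0.5", "remailer-b@example.org"),
    ("q=0.75", "remailer-c@example.org"),
]

if __name__ == "__main__":
    print(weight_totals(EXAMPLE))
    print(simulate(EXAMPLE, 10000))
```

Over many messages the two p destinations together account for every message, since their weights add up to 1.0, while the q destination sees about three quarters of them; the caution in the paragraph above still applies, as each of the three blocks is a complete route back to the owner.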
* SECURITY
If you care about the secrecy of your identity, then the only truly
secure way of protecting it is by pointing all your reply blocks
to Usenet newsgroups.
The most important thing to realize about the privacy of your messages
is that anyone can determine your PGP public key ID from looking at an
encrypted message. That means if you don't conventionally
super-encrypt mail, an observer on the network or at a remailer may be
able to determine which public key corresponds to which nym, and use
this to track messages. If you redirect your mail to the newsgroup
alt.anonymous.messages, observers will be able to determine your
public key ID and observe how much mail you are getting.
For this reason, you should conventionally encrypt your mail in
addition to public-key encrypting it. If you only want to use
conventional encryption for most mail, you can disable RSA encryption
by sending signed/encrypted mail with 'Nym-Commands: -cryptrecv' to
<[email protected]>. There is a large benefit to using public-key
encryption. If you only use conventional encryption and your
reply-block is compromised, then previously recorded messages sent to
you can be decrypted. With RSA-encrypted messages, there
is no way for anyone but you to read the message once it has left
nym.alias.net.
* POLICY
Any use of this alias service for illegal purposes is strictly
prohibited.
Do not rely on this nym server to protect your identity. You should
be relying far more heavily on the integrity of the remailers through
which you chain your replies. The nym.alias.net service is provided
in the hope that it will be useful, but the administrators can make NO
GUARANTEES WHATSOEVER that your identity will not be compromised.
That said, we will make a reasonable effort to keep the machine secure
and to ensure that your reply block never gets backed up to tape or
otherwise copied. Note, however, that your PGP public key will get
backed up to tape, and so will likely be available for a while even
after you delete your Nym. The server also keeps, not backed up, two
additional pieces of information on your nym: First it counts the
number of messages your alias received in the current 24 hour period,
so as to detect flooding attacks and alias loops with exponential
message explosion (see the description of the -disable Nym-Command for
more info). Second, the server stores the date of the last day on
which you sent a PGP-signed message to [email protected] or
[email protected]. This is to help garbage-collect inactive accounts
with lost PGP keys at some later point should that become necessary.
Nym.alias.net is the same machine as anon.lcs.mit.edu. Keep this in
mind when choosing which remailers to chain through. (In other words,
using [email protected] as your last hop for mail to nym.alias.net
is probably a good idea if and only if you also chain through one
more hop than you would otherwise have felt comfortable with.)
* E-MAIL ADDRESSES
<[email protected]>
The address to contact if you are having any problems with
nym.alias.net.
<[email protected]>
Sending mail to this address gets you a copy of this help file.
<[email protected]>
Get the PGP public key for nym.alias.net.
<[email protected]>
The address to contact for a list of all taken pseudonyms.
<[email protected]>
The address to which to send configuration messages. All messages
to this address must be PGP encrypted and signed with "pgp -seat".
In addition, THE FIRST LINE OF PGP-SIGNED TEXT IN A MESSAGE TO
config MUST BE "Config:". Otherwise your message will be completely
ignored.
When sending one or more reply-blocks to <[email protected]>,
they must come at the end of the message after any Public-Key: or
Nym-Command headers.
<[email protected]>
To send mail from your alias address, PGP encrypt and sign the
message with "pgp -seat", and mail it to this address.