
NSA Insecure Remailers?



I was thinking about remailer traffic analysis this evening and realized
that everybody who has come into contact (i.e. received or sent email to a
remailer) with a remailer is probably on an NSA list. Given the low volume
of information on the Internet backbone, only 45 Mbits/sec, it is not hard
to imagine that they at least perform routine traffic analysis looking for
things like packets going to and from remailers (unless I'm missing
something--please correct me). Encryption doesn't help here because the
header info isn't encrypted. Given that most remailers are not randomly
changing the sizes and delay times of incoming and outgoing traffic, this
probably also allows someone like the NSA to correlate incoming and
outgoing traffic and follow messages end-to-end (until they leave the NSA
surveyed portions of the network, anyway). 

Given the magnitude of the traffic analysis problem (I estimate about 24
gigabytes/day of addressing info saved: 45 Mbits/sec, 86400 sec, 5% of data
is addressing), probably only the NSA and some defense agency we haven't
yet heard of are actually performing this analysis right now. But given the
declining price of storage media, even saving everything on magnetic media
and paying $1000/gig, it only costs about US$8.7 million to keep a year's
worth of traffic headers around (media cost).

So what?

Well if Blacknet exists, it either means they are using something trickier
than the anonymous remailers that I know about or they are going to be
quickly washed up--at least if they do anything to run afoul of the big
guys (or maybe they're just a trot line for unsuspecting cypherpunks?). I
also don't know how much information you can get out of just header
analysis--for example, would this allow tracing anonymous posters into
Usenet newsgroups?

I suppose there are still things that you can do in the presence of such
surveillance to avoid detection: multiple remailer chains off of the main
backbones for example--which I may not currently know about.  I hope I have
made some obvious errors that list readers can correct, but my assessment
of the security provided by using anonymous remailers just dropped an order
of magnitude. 

It sounds like I need to learn about mixes and DC-nets about now, which I
presume are part of the solution to this dilemma? I have the dining
cryptographers paper, could someone point me towards more info?

Thanks.

------------------------------------------------------------------------------
Benjamin McLemore
[email protected]
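The post argues that a remailer which neither pads messages nor holds them lets a header-only observer pair each incoming message with its outgoing copy by size and timing. The following toy model, added here as an illustration and not part of the original post, runs that observer against four remailer designs: forward-at-once, delay-only, pad-only, and a threshold mix that does both padding and batching. All message sizes and arrival times are constructed sample data; the header growth bound (HEADER_DELTA), the fixed cell size (PAD_TO) and the assumption that the observer knows each remailer's maximum growth and hold time are assumptions of the example.

```python
import random
from dataclasses import dataclass


@dataclass(frozen=True)
class Msg:
    id: int      # ground truth; only the scorer looks at it, never the observer
    size: int    # bytes on the wire (visible to anyone who sees the packets)
    t: float     # seconds at which the message passed the observation point


# Constructed sample traffic: five messages of distinct sizes within one second.
SAMPLE_INPUT = [
    Msg(0, 1240, 0.00), Msg(1, 3310, 0.18), Msg(2, 880, 0.35),
    Msg(3, 2150, 0.60), Msg(4, 5020, 0.97),
]

HEADER_DELTA = 64    # assumed: header rewriting grows a message by at most 64 bytes
PAD_TO = 8192        # assumed: fixed cell size used by the padding designs below


def naive_remailer(inputs):
    """Forward each message at once; only the rewritten header changes its size."""
    return [Msg(m.id, m.size + HEADER_DELTA, m.t + 0.01) for m in inputs]


def delay_only_remailer(inputs, seed=1):
    """Random per-message delay, but the size still leaks through."""
    rng = random.Random(seed)
    return [Msg(m.id, m.size + HEADER_DELTA, m.t + rng.uniform(0.1, 1.5))
            for m in inputs]


def pad_only_remailer(inputs):
    """Pad everything to PAD_TO but forward immediately, so timing still leaks."""
    return [Msg(m.id, PAD_TO, m.t + 0.01) for m in inputs]


def threshold_mix(inputs, batch_size=5, seed=1):
    """Pad to PAD_TO, hold until a batch is full, then release it all at once
    in shuffled order (the Chaum-style mix the post asks about)."""
    rng = random.Random(seed)
    out = []
    for i in range(0, len(inputs), batch_size):
        batch = list(inputs[i:i + batch_size])
        rng.shuffle(batch)
        release_t = max(m.t for m in batch) + 0.01
        out.extend(Msg(m.id, PAD_TO, release_t) for m in batch)
    return out


def candidates(inp, outputs, max_growth, window):
    """Outputs the observer cannot rule out for `inp` from size and timing alone.

    The observer is assumed to know the remailer's behaviour: how much a
    message can grow (max_growth) and how long it can be held (window).
    """
    return [o for o in outputs
            if inp.t <= o.t <= inp.t + window
            and inp.size <= o.size <= inp.size + max_growth]


def linked_fraction(inputs, outputs, max_growth, window):
    """Fraction of inputs the observer pins to exactly one (correct) output."""
    hits = 0
    for m in inputs:
        c = candidates(m, outputs, max_growth, window)
        if len(c) == 1 and c[0].id == m.id:
            hits += 1
    return hits / len(inputs)


def run_all(inputs=SAMPLE_INPUT):
    """Observer success rate per design; 1.0 means every message was followed."""
    return {
        "naive":      linked_fraction(inputs, naive_remailer(inputs), HEADER_DELTA, 2.0),
        "delay_only": linked_fraction(inputs, delay_only_remailer(inputs), HEADER_DELTA, 2.0),
        "pad_only":   linked_fraction(inputs, pad_only_remailer(inputs), PAD_TO, 0.05),
        "mix":        linked_fraction(inputs, threshold_mix(inputs), PAD_TO, 2.0),
    }


if __name__ == "__main__":
    for design, rate in run_all().items():
        print(f"{design:>10}: observer linked {rate:.0%} of messages end-to-end")
```

With the sample traffic, the naive, delay-only and pad-only designs each let the observer follow every message, because whichever of size or timing survives is enough to pair inputs with outputs. Only the threshold mix, where all five outputs share one size and one release time, leaves the observer with the whole batch as the candidate set for every input. The model ignores long-run statistical attacks across many batches, which is what the mix-network literature the post asks about addresses.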