Re: Message Havens

[SINCLAIR DOUGLAS N <sinclai@ecf.toronto.edu>]

> Why can't gopherhole send a random number of messages with a user selected
> cap?
> 
> Bob just sends one tag request encrypted with gopherhole's public key, and 
> gets between 5 and [User cap] messages.  Even better, (Light bulb) Bob 
> can send the number of messages he is currently equipped to filter along 
> with the tag and gopherhole can modify this just a touch +/- 10% say just 
> to keep Bob from getting lazy and asking for the same number all the time.
> Bob can then filter the tags himself with procmail or something.  Just seems
> simpler and easier on the user while harder on traffic analysis.

Of course!  If the gopherhole already has a keypair, it may as well
be used as much as possible.  Good idea.

> With the right randomization and frequent tag changes, it is hard to 
> associate bob with any tag.  This problem becomes increasingly difficult 
> if one introduces randomly generated tags and pgp messages and if the 
> user keeps the message cap high (25-30).  Bandwidth simply cannot be 
> saved if the attacker is getting the downlink from gopherhole if you are 
> using a tag system like this.  The user just has to deal with 30 messages 
> to best avoid the traffic analysis on this side.  A tap on bob's line 
> reveals that he may have a connection with any of 25-30 real or imaginary 
> tags.  One less thing to go on if you are an attacker, fake tags are a 
> real headache.  Some clever filtering method for tags would be a nice 
> touch.  All lowercase, all between four and seven letters and nouns or 
> something...?

Yeah, it certainly isn't trivial to attack.  However, I'd like to make
sure that it's proveably hard.  I'll sit down tonight and try to muddle
through it.

> -uni- (Dark)

Doug