[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Message Havens



Thus spake SINCLAIR  DOUGLAS N <[email protected]>:
>  [email protected] (Karl Lui Barrus) writes:

>> Maybe I wasn't clear in what the "message haven" offered... I'm trying
>> to get away from the penet style mapping tables, persistent
>> information tying you and your pseudonym, and solve the "unsolicited
>> anonymous mail" problem.  The message haven requires no trust, no
>> tables, no information since it just accepts message and files them,
>> and if you retrieve all the message, the haven can't figure out which
>> ones you are interested in!
>This flavour of message haven would not require persistent tables.
>A crooked operator /could/ maintain them, but unlike penet they are
>not required.  Every time you log into a message haven, you tell it
>what tags you are interested in.  Here the level of trust is similar
>to that of a regular remailer.  The remailer /could/ keep logs to
>destroy your anonymity, but we hope it doesn't.
>
>I realize this solution is far from ideal.  But as I posted before,
>I don't believe the numbers favour a message haven where everything
>is downloaded.  I have this nagging feeling that there is some
>very elegant cryptographical way of doing this employing secret
>sharing, but I can't actually think of how to do it.

Couldn't each message have a short header, which is encrypted with the 
final recipent's public key?  When you go to retrieve mail from the haven, 
you request the complete list of headers (or at least those that are new). 
If you can decrypt the header, then the message is for you.  You then 
request that those messages, and also some random messages, be sent to you. 
If the sender uses one or more current-style remailers to send his/her 
message to the haven, it would much more difficult to work out a map of 
who is talking to whom.  

david
--------------------------------------------------------------------------------
David Scheidt                      PGP 2.3 key by email
[email protected]           or finger [email protected]

"If we don't remember what we do, how will we know who we are?"
					-Ronald Reagan