[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: REMAILER PROPOSAL



Lets call all the "Spoon-E"s you buy at one time, using one ID number, a
roll. If the "Spoon-E" issuer, and the first remailer in one of your
chains, collude they can identify all of your messages using any stamps
from that roll.

Method:
The issuer keeps a log of all ID numbers and "Spoon-E" numbers. A remailer
sends the address of each sender, along with the "SpoonE" number of the
message. Now any message with a stamp from the same roll can be assumed to
be from the same person.

Unless you are sending many messages through the bramble at the same time,
you are providing wonderful traffic analysis to the issuer. He will know
when and approximately when each of your hops was. This almost collapses
you chain to the security of a single hop.

A solution to this would be to use a different roll for each hop (not each
remailer), and one for each destination. You would have one "first hop"
roll, which would be easy to identify with you. Several rolls would be for
intermediate hops (no roll used twice in one chain). You would also keep
one roll per final destination, which could be easily identified with the
recipient, but not with you.

--------------------------------------------------
Lance Cottrell  who does not speak for CASS/UCSD
[email protected]
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Home of "chain" the remailer chaining script.
For anon remailer info, mail [email protected] Subject: remailer-help

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche