[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: (Fwd) Gov't run anon servers

To: Hal <[email protected]>, [email protected]
Subject: Re: (Fwd) Gov't run anon servers
From: jim bell <[email protected]>
Date: Mon, 04 Mar 1996 13:10:19 -0800
Sender: [email protected]

At 10:52 AM 3/4/96 -0800, Hal wrote:

>However, if I were a computer-savvy law enforcement agent, and I wanted
>to track messages through one of my remailers, I would try a
>technological approach.  I would first break the key for my remailer.
>That is trivial.  The passphrase is in PLAINTEXT in the script file
>which runs the remailer!.  It has to be.  That is true of all automated
>remailers. 

Maybe I just don't know much about automated remailers, but I don't 
understand why you said that the passphrase "has to be" in plaintext in the 
script file.  I find this hard to believe.  While I am far from an expert on 
cryptographic matters, I would assume that any received attempt at a 
password could be securely hashed (128 bits?) and compared with a pre-stored 
hash value.   If it's the same, it's assumed that the password was correct.

What's wrong with this?

Follow-Ups:
- Re: (Fwd) Gov't run anon servers
  - From: [email protected]

Prev by Date: Re: Mainstreaming PGP on Usenet
Next by Date: Report on Privacy Enhancing
Prev by thread: Re: (Fwd) Gov't run anon servers
Next by thread: Re: (Fwd) Gov't run anon servers
Index(es):
- Date
- Thread