[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: (Fwd) Gov't run anon servers
> We've talked about possible hardware security measures, even
> those that only rely on physical box security. A box that does
> decryption, mixing, readdressing, etc., without being part of
> a Unix file system/network, could be a useful "Mom and Pop
> remailer" (the idea being that small shop owners, "Mom and
> Pop," could set this up, collect a little bit of spare change
> as a remailing fee, and not even have access to the internal
> state of the machine themselves.
While a solution like that would be optimal, even just a version of
Mixmaster that can use a secure RSA card would do wonders for security. The
secret key is protected in the card and can't be stolen, even by root,
without physically stealing the card. As long as the most of the remailers
in your chain don't have compromised secret keys, it probably won't matter
too much if the individual ops can examine the messages flowing through their
remailer.
The cards are getting cheaper and can be bought off the shelf (for now).
The hardest part of retrofitting existing remailer software would probably be
extracting the data from the remailer packet and formatting it properly for
the card to do encryption operations on it (and back).
andrew