[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: strengthening remailer protocols

At 2:25 PM -0700 9/2/96, John Anonymous MacDonald wrote:
>I don't really see the use of this complicated scheme.  The main
>problem seems to be that if M floods remailer R with messages to B,
>and A sends a message to C through R, then it will be clear to M that
>A's message was destined for C.
>Rather than divert messages, then, I propose that for each input
>message there is a 10% chance that a piece of cover traffic is
>generated.  Thus, if M sends 50 messages through R and sees 6 outgoing
>messages going to remailers C, D, and D, he will now know which
>messages correspond to the message that A send through.

I quite like this load based cover traffic scheme. Another defense against
flood is to slow the rate at which the messages leave the system. A simple
modification to Mixmaster (which will be in the next version) is to have an
exponential pool. The operator sets two parameters, a minimum pool size,
and a fraction of messages to send each time the pool is processed. 10
messages and 10% seem like good settings to me. Given at least one cover
message each time the pool is processed, flooding is much less productive.

A side benefit of this system is a reduction in the load on the sendmail
system during a flood or spam.


Lance Cottrell   [email protected]
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://www.obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."