In message <9306291227.AA00990@kolanut>, Joe Thomas writes:
Consider cryptographic secret-sharing protocols. If we have 20 remailers, each remailer could split his key into 20 pieces, 15 of which would be necessary to reconstruct the key. When a remailer goes down, the key could be reconstructed and given to a substitute remailer. The system can survive the loss of 5 remailers, and would require a collaboration of 15, or 3/4 of the remailer operators to intentionally break the security.
Joe
This secret sharing *does* look very appealling. How would the substitute remailer be chosen? Very difficult to build, however, as it would require a great deal of similarity between remailer software. How can a key be split into 20 pieces while only requiring [any?] 15 to work? Redundancy? It would be a good idea to have two sorts of keys for each remailer, maybe. One key for normal usage and another key for communication between remailers, key-part distribution, etc. -- | Sameer Parekh-zane@genesis.MCS.COM-PFA related mail to pfa@genesis.MCS.COM | | Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more | | "Symbiosis is Good" - Me_"Specialization is for Insects" - R. A. Heinlein_/ \_______________________/ \______________________________________________/