Ray Dillinger wrote:
Instead, they will attack the weakest point -- trying to drive remailer operators out of business and thus destroy the infrastructure you need. That is the threat model I'm concerned about, and given that network monitoring is now automatable and cheap, it is entirely do-able.
Some people think this is happening now. Since the remailers don't do an authenticated handshake when they hand off traffic, an active attacker could simulate the receiving remailer. The sender thinks the message is sent and the receiver never knows it didn't arrive.

Your threat model doesn't mean messages can't be sent, though. It just means messages between remailers have to travel over "sneaker net". A 20GB tape carries 1,953,125 messages. Let's say the senders will pay $0.10/each to have them carried over a damaged zone. That comes to $195,312.50. At 140g, that's $1,377.89/g, or over 20 times the value by weight of cocaine. Not only that, when you lose a mule you don't lose the commodity because it's just information. The managers just send another copy over.

The problem is a little harder than the remailer problem. The links have greater latency, and each remailer won't be able to advertise its existence, so you need more sophisticated trust mechanisms. Similar problems have been solved before. There have been numerous illegal lotteries, for example. (See "The Autobiography of Malcolm X" for one.) These lotteries are amazing - these guys didn't even have strong authentication and they were (and are) able to handle large sums of money with virtually no complaints.

One thing that can't be stopped right now is an underground newspaper. The editors can just sign each issue with gpg and distribute it on diskette. An easy way to solve your problem is to pay a fee to the editors to include encrypted messages. People have to give their friends the entire thing or they will be passing along unauthenticated copies.
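An added example, not part of the original post or of any remailer's code: a sketch of an authenticated hand-off in which the sender treats a message as delivered only after the next hop returns a receipt it could not have produced without the link key. The pre-shared per-link HMAC key and all class and function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def receipt_tag(link_key: bytes, nonce: bytes, message: bytes) -> bytes:
    """MAC binding this hand-off's fresh 16-byte nonce to the exact message."""
    digest = hashlib.sha256(message).digest()
    return hmac.new(link_key, nonce + digest, hashlib.sha256).digest()

class Receiver:
    """Genuine next-hop remailer: holds the link key (hypothetical)."""
    def __init__(self, link_key: bytes):
        self.link_key = link_key
        self.pool = []
    def accept(self, nonce: bytes, message: bytes) -> bytes:
        self.pool.append(message)
        return receipt_tag(self.link_key, nonce, message)

class Impostor:
    """Answers in the receiver's place without the key; replays an old receipt."""
    def __init__(self, replayed_receipt: bytes):
        self.replayed_receipt = replayed_receipt
    def accept(self, nonce: bytes, message: bytes) -> bytes:
        return self.replayed_receipt  # the traffic itself is silently dropped

class Sender:
    def __init__(self, link_key: bytes):
        self.link_key = link_key
        self.unconfirmed = []  # messages kept for retry over another path
    def hand_off(self, peer, message: bytes) -> bool:
        nonce = secrets.token_bytes(16)  # fresh per hand-off, defeats replay
        receipt = peer.accept(nonce, message)
        expected = receipt_tag(self.link_key, nonce, message)
        if hmac.compare_digest(receipt, expected):
            return True
        self.unconfirmed.append(message)  # not delivered: do not discard
        return False

def demo():
    key = secrets.token_bytes(32)
    sender, real = Sender(key), Receiver(key)
    msg = b"constructed sample message"
    # Receipt from an earlier, observed hand-off of the same message.
    stale = real.accept(secrets.token_bytes(16), msg)
    ok_real = sender.hand_off(real, msg)
    ok_fake = sender.hand_off(Impostor(stale), msg)
    return ok_real, ok_fake, sender.unconfirmed

if __name__ == "__main__":
    print(demo())
```
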