Thank you for the comments, but I'm not sure I fully understand them all. First of all what is a TLA? Second of all, and this seems to be something I was unclear about in my first post---I need *not* mean to suggest that all clietns shared the same PRNG. Every pair of clients will have their own. By star-shapped, I meant the configuration of the communications network, not the abstract connection that exist between cleints by virtue of the PRNG's. As for a MAC being silly, well it would be if everyone used a different one, but I meant for it to be shared by all participants, so that the most the MAC would reveal is that *someone* on the network sent the message. Your paragraph that I have created a simple packet anonymizer is probably based on the misunderstanding of the points I mentioned above. I do like the idea of encrypting the link to the server with a PRNG, and since I will be running lots anyway... :) (O(N) not 1 for each client! :) ) it might be worth adding. Then again, I do not want to regard the server as a trusted party in any way... Collision detection is easy with a MAC, so I think I will keep it. I hadn't thought of using a ring topology... Interesting. I'll think about that one some more. How do hash trees help? Is that mentioned in the paper you cite? I'll take a look at that one before long. What's the title and author? -- Leonard Janke (pgp key id 0xF4118611)