Anonymous mail service up for alpha testing
-----BEGIN PGP SIGNED MESSAGE----- I've written a small anonymous mail service, and it's now available for testing. There's no security, and I'll be keeping logs, so don't think that it's secure, in any way. It's also running on a PPP link which isn't connected all the time, so it's rather flaky. (I'll set it up as a real service once I get a real link-- if anyone else wants to do it, they're welcome to use my code.) How to get an anonymous account: Send mail to admin@infinity.hip.berkeley.edu -- include in the message a login, a "Full Name", a choice of remailer, and an encrypted return address block encrypted with that remailer's public key. I'll set it up. How the anonymous account works: Someone will send mail to login@infinity.hip.berkeley.edu. Then the system looks up in a table which remailer is associated with that login. It then sends out mail to that remailer, starting with the contents of the encrypted return address block, then a "##" and then all of the message to login@infinity, with "Received" lines taken out. Thus once the message gets to the last remailer of the chain in the encrypted return block, the ## pasts the identifying information of the person mailing to login@infinity.hip in the header of the message. (It *should* do that...) If the person mailing to the infinity address would like anonymity he/she should use an anon-mailer on his/her end. The encrypted-return address you send me should look like: :: Encrypted: PGP - -----BEGIN PGP MESSAGE----- etc. Make sure you include that ::/Encrypted or the remailer which gets it won't know that it's PGP encrypted. Remember, this is just setup for testing. Don't use it for real applications. - -Sameer -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLU9jrni7eNFdXppdAQH/FwP/b9pllDYnW6L4x0y1dVnC6km9TQ9lTw2x U/ea87JnguYSHYRxOk6lZoBBx5ZH/A48OCHJztzWHaSP2Tq69Oro4FTrtRcpTjbf ti8L97x9+Xvx1A6/Vkw1nuS5MRJ8SoPUV4bDKFdf80Ykhik5bk8b0WOUew1uF6dq QJzyDsKDFQU= =2EIr -----END PGP SIGNATURE-----
On Wed, 2 Feb 1994, Sameer wrote:
-----BEGIN PGP SIGNED MESSAGE-----
I've written a small anonymous mail service, and it's now available for testing. There's no security, and I'll be keeping logs, so don't think that it's secure, in any way.
Excellently and well done, Sameer! Ah, the pleasure of seeing a budding cypherpunk do us all some good. Keep us posted. Mucho Obligado, Amigo, brianB
[Here is the conclusion to my QC paper, unfortunately I can't get the whole file into a PS format because of the faulty file translators in the Mac applications.] Conclusion Quantum cryptography has proven to be an interesting and novel application of quantum physics. It does posses some severe limitations that I have considered. Optimistic predictions of itÕs affective area is still far below 100 km. This may of course change depending on technological development. It has been suggested to me that one could have secure stations where interception and reception of the message would be allowed. [10] This is possible, but weakens the ÔabsolutenessÕ that is the appeal of quantum cryptography. A basic assumption is made previous to the research mentioned: that Eve will not interfere on the public channel. It could be very possible that Eve would set herself up between Alice and Bob on the quantum and private channels, and act as a relay station that I mentioned in the first point. She would have to impersonate both Alice and Bob, who in reality might not even be on the same public and quantum channels, but merely think they are. Public key methods could be used for authentication, but this destroys the motivation for the use of quantum cryptography. I feel the solution here is in the definition of ÒpublicÓ. Meaning a random and public switching of public channels, phone numbers and such. Even this may be subverted by a very powerful Eve who may also control the phone companyÕs switching circuits. Perhaps further thought can resolve this issue, but the problem of identification and authentication on the public channel is severe. Further, quantum cryptography is subject to a denial of service attack. If Eve wishes, she may destroy the unique and expensive quantum channel, or merely observe everything that goes by, not caring to read the information, just making it unsuitable for use by Alice and Bob. EkertÕs concept of keeping shared EPR pairs in permanent storage (perhaps using a superconductor to warehouse keys when the quantum channel is open) is not yet feasible, and it will be necessary to keep these keys somewhere , but the security of keys is not a problem unique to quantum cryptography. I look forward to the resolution of these issues and the further development of the technology that will allow quantum cryptography to become a ÔpracticalÕ security mechanism. 1. C. Bennett. Science.. vol. 257, p. 752 (August, 1992). 2, C. Bennett, G. Brassard, and A. Ekert. Scientific American. p. 50 (Oct., 1992) 3. A. Ekert, Phys. Rev. Lett. vol. 67, p. 661 (1991) 4. C. Bennet, and G. Brassard, Phys. Rev. Lett. vol. 68, p. 557 (1992) 5. A. Ekert, J. Rarity, P. Tapster, and G. Palma, Phys. Rev. Lett. vol. 69, p. 1293, (1993). 6. A. Muller, J. Breguet, and N. Gisin. Europhs. Lett., vol. 23 (6), p. 383 (1993). 7. S. Barnett, and S. Phoenix. Phys. Rev. A, vol 48 (1), p. R5, (July, 1993). 8. C. Bennett. Phys. Rev. Lett. vol 68 (21), p. 3121 (1992) 9. D. Denning. Cryptography and Data Security. 10. Personal e-mail as a follow-up to a posting to sci.crypt. I have unfortunately lost the personÕs name.
participants (3)
-
Brian Beker -
Joseph Reagle Jr. -
Sameer