Re: (eternity) God's Own Backup Medium
Dan Fabulich:
I must be insane, because this seems simple to me. Don't listen.
It's simple conceptually, just some of the technical details are multi-axis tradeoffs which need to be made explicit.
Presume that the goal is a secure anonymous storage/retrieval system, paid for with e$. Armed with a persistent naming system for each document, we set up e$ protocols to pay for storage of a (possibly encrypted) document OR to pay for retrieval of a particular named document. I broadcast that I want up to ten people to store my XMB document and that I'm prepared to pay $Y/mo. to each participant. My document is then secure for as long as I'm prepared to pay for it. It is anonymous to the extent that information can be transferred anonymously between me and the other willing participants; it is therefore a remailer problem, not an Eternity problem.
It's an Eternity problem if you want your eternity system to have better performance than the remailers have. What you really need is a multi-level security infrastructure, where someone (the owner of the data, the individual intermediate server operators, etc.) can choose the level of security they will provide to meet certain Quality of Service levels. Yes, for a lot of the data you're handling, remailers are a good model. However, steganographically-protected streams hidden inside other streams work better for certain things. Perhaps quantum channels work better for other things. Perhaps hand-carried optical tapes are best for others. The system should have a way of handling these formats in a suitably abstract way.
Alternately, if a document is in high demand, someone might offer money to anyone who can provide a particular document given by name. Any willing sellers could then exchange information/e$ via e-mail. (One might even imagine data-traders who would seek out valuable information at a bargain and sell them to others at market value.) Again, the mechanism is only anonymous to the extent that e-mail is secure.
Which helps both security and performance. A very good mechanism.
Note that the system is profitable to all of its participants no matter WHAT the broadcast mechanism is. The more automation, the more profitable. The more participants, the more profitable. The more information online, the more profitable.
Yes. That's why I'm including market-based techniques in Eternity DDS -- I think market-based arguments are as powerful as statistical ones -- perhaps not as powerful as mathematical/cryptographic proof, but close.
The missing link here, of course, is anonymous e$. Despite the success of the remailers, I've never been convinced that they're not vulnerable to traffic analysis. (Possibly this is why no one has ever bothered to shut them down?) And even if we COULD set up automated daemons to monitor the broadcasts and negotiate trades, there's still no good way to distribute money over the net.
I know with high confidence there will be a deployed quality anonymous e$ system in 1998.
At any rate, keeping the system independent of its broadcast medium (which can be done pretty easily by just making sure that the program communicates in [encrypted] plaintext,) should make the system autocatalytic... At that point, just let it run, get as many people running it as possible and let the market take over.
Yes. Both Eternity-USENET and Eternity DDS are only secure once they grow to a certain size. Market pressure is (I think) the best way of getting a system to scale to that size. (Eternity-USENET is vulnerable to technical Denial of Service attacks with the current small number of indexing servers, even if it is protected from legal issues. I think illegal or extralegal attacks are as dangerous as the legal ones)

--
Ryan Lackey rdl@mit.edu http://mit.edu/rdl/
At 01:25 AM 1/16/98 GMT, Adam Back wrote:
How do we improve the resistance of the remailer network to well resourced attackers intent on dismantling it?
An obvious thing to try is to add some more remailers. 300 remailers would not be immune to simultaneous shutdown by the authorities, but it would make it more difficult. A dozen or so remailers makes shutdown fairly simple.

A less obvious thing to try is to get the general windows users to start making use of remailers. If Eudora, Pegasus, and Outlook came nym ready out of the box, with the ease of use of a spell checker, then this would generate enough traffic to flood the remailer network and require hundreds of servers. This idea has its own problems, but there is not much traffic on remailers. One of the busiest remailers in the world still has only about 3,000 messages per day. One spammer can send mail to more destinations in a weekend than the entire remailer network in a year.

Threats to the remailer network come from a few basic places.

1. Traditional law enforcement
2. Unauthorized law enforcement
3. "friends" of message recipients or "friends" of the remailer
4. unreliability of the machines that form the network
5. Hacking attacks
6. Design
7. User incompetence

Of the above, the most dangerous in my opinion is "friends". This is what shut Balls down. This is where Cracker gets the worst complaints. Seldom do I hear a complaint from a message recipient, more I hear from "I have a friend who got this message..."

Traditional law enforcement is a quick call with a thank you I'm dropping this. While penet shut down after an investigation, he alluded to the fact that he was just tired of the hassles. Weasel did not shut down because of the law, but due to the desire to not expose his ISP to hassles. Traditional law enforcement takes so long to investigate, the keys could be canceled and replaced several times. In the US I don't think that law enforcement really cares enough to issue a warrant. Almost no warrants have ever been issued for remailers. Though I would not be surprised to find that intense extra-legal investigations were done on cases that involved situations such as Jim Bell's Assassination Politics.

Cracker goes off line for a few hours every month. We basically never lose messages, but we can delay some. We have a downtime between 1.6% and 3% on the overall average. This is our remailer only. Compare this with the network - we only had 26 minutes of downtime in the last 365 days. Recently another remailer went down due to a hard drive problem - for a week or more. Software and hardware problems are significant issues for remailers. Another is incompatibilities in moving data from one mail host to another. Every once in a while machines just become incompatible, often due to sendmail configurations designed to block spam or provide better security.

As for hacking attacks, Cracker/EFGA has had some people censured by their ISP for stuff like spoofing us, mailbombing, and that good 'ole ping thing. To be honest, we've never been hurt by it anyway, but we do monitor for such things.

A significant problem is in design. The remailer network is not designed to be robust or fault tolerant. There is no error notification to the user. If your message gets dropped along the way, there is no recovery system that gets it through another route. If you misspell your destination address, or other problem exists, you don't get notified of the event.

Still for a group of volunteers running software that is patched almost every week, providing services for free - they don't do a bad job.

--
Robert Costner Phone: (770) 512-8746
Electronic Frontiers Georgia mailto:pooh@efga.org http://www.efga.org/
run PGP 5.0 for my public key
-----BEGIN PGP SIGNED MESSAGE-----

On Fri, 16 Jan 1998, Robert A. Costner wrote:
[...]
The remailer network is not designed to be robust or fault tolerant. There is no error notification to the user. [...]

How would this be implemented? If you are able to trace backwards so you know who to notify then you don't have anonymity.
- --
Please excuse my spelling as I suffer from agraphia see the url in my header.
Never trust a country with more people than sheep. ex-net.scum and proud
You Say To People "Throw Off Your Chains" And They Make New Chains For Themselves? --Terry Pratchett.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQCVAwUBNMMPA6QK0ynCmdStAQG8qgP8ClMmPfeGkEJ9Fydfb5i3n1ARuKRV+nET
cLIt9GfU9vlrashs+2Shx/c8bz67+rl0eOAdgNBbDlW8Fe1Qzb9EfRCn24f+ZL0K
+7PyBc+2YTfWOTrmEGihNuLnKUtFUNRrjyC0+PHWDCTOZx+W9LzAxKsbw8TzPWAF
zMG5ooTbM+E=
=2cCi
-----END PGP SIGNATURE-----
On Mon, 19 Jan 1998, ? the Platypus {aka David Formosa} wrote:
How would this be implemented? If you are able to trace backwards so you know who to notify then you don't have anonymity.
It could be done if the remailer software is rewritten. When you send a message, include instructions for the last remailer to write a message to either usenet or a web page on the same net as the remailer with a sender selected id. Have these pooled and posted every day/week, etc... If your mail bounces you'll know by reading a page off a server, or a message off usenet... i.e. for the last one in the chain

::Request bounce "xyzzy12345"

Don't post anything other than the bounce strings to the world. (i.e. don't post the intended recipient's name, etc...)

=====================================Kaos=Keraunos=Kybernetos==============
.+.^.+.|   Ray Arachelian   |Prying open my 3rd eye. So good to see     |./|\.
..\|/..|sunder@sundernet.com|you once again. I thought you were         |/\|/\
<--*-->| ------------------ |hiding, and you thought that I had run     |\/|\/
../|\..| "A toast to Odin,  |away chasing the tail of dogma. I opened   |.\|/.
.+.v.+.|God of screwdrivers"|my eye and there we were....               |.....
======================= http://www.sundernet.com ==========================
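The bounce pool Ray sketches, worked through as an added example (constructed code, not the remailer software and not Ray's own): the sender picks the bounce string, the last hop records only that string when delivery fails and publishes it later in a batch, and the sender reads the public batch to learn that its message bounced. The instruction format, the `BouncePool` class and the recipient addresses are assumptions; the point is that the published batch carries no recipient, body or origin, so the notification costs no anonymity.

```python
import secrets

# Added example, not the remailer software: a bounce pool in the shape Ray
# describes. The sender chooses a random bounce string; the last hop keeps
# only that string when delivery fails and posts a batch of them later; the
# sender scans the public batch for its own string. Nothing identifying the
# recipient, the message or the sender's origin is ever written to the pool.


def new_bounce_id():
    """Sender-side: a random id, unlinkable to either sender or recipient."""
    return secrets.token_hex(8)


def final_hop_instructions(recipient, bounce_id):
    """What the sender encloses for the last remailer (constructed format)."""
    return {"deliver_to": recipient, "request_bounce": bounce_id}


class BouncePool:
    """Last-hop side: remembers failed bounce ids and publishes them in batches."""

    def __init__(self):
        self._pending = []
        self.published = []  # each entry is one batch as it would be posted

    def deliver(self, instructions, transport):
        # transport(recipient) -> bool simulates the handoff to the next MTA.
        if transport(instructions["deliver_to"]):
            return True
        # Keep only the bounce string; recipient and message are dropped here.
        self._pending.append(instructions["request_bounce"])
        return False

    def publish_batch(self):
        # Sorting and de-duplicating removes arrival order from the posting,
        # so the batch does not reveal which bounce happened first.
        batch = sorted(set(self._pending))
        self._pending = []
        self.published.append(batch)
        return batch


def sender_check(published_batches, bounce_id):
    """Sender-side: read the public pool and look for our own bounce string."""
    return any(bounce_id in batch for batch in published_batches)


def demo():
    """Constructed run: two messages, one of which fails at the last hop."""
    pool = BouncePool()
    # Constructed recipients; only the second one is undeliverable.
    deliverable = {"alice@example.invalid": True, "nosuch@example.invalid": False}
    ids = {"ok": "xyzzy12345", "bad": "plugh67890"}  # sender-selected strings
    pool.deliver(final_hop_instructions("alice@example.invalid", ids["ok"]),
                 deliverable.get)
    pool.deliver(final_hop_instructions("nosuch@example.invalid", ids["bad"]),
                 deliverable.get)
    batch = pool.publish_batch()
    return {
        "batch": batch,
        "ok_bounced": sender_check(pool.published, ids["ok"]),
        "bad_bounced": sender_check(pool.published, ids["bad"]),
        "leaks_recipient": any("example.invalid" in s for s in batch),
    }


if __name__ == "__main__":
    print(demo())
```

The one thing the sender must get right is choosing the bounce string at random; a string derived from the recipient or from the message would undo the separation the pool provides.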
Ryan Lackey <rdl@mit.edu> writes:
(Eternity-USENET is vulnerable to technical Denial of Service attacks with the current small number of indexing servers, even if it is protected from legal issues. I think illegal or extralegal attacks are as dangerous as the legal ones)
Public access servers aren't a good idea. Really people should be running local access servers only. The index is local, cache is local, and USENET is a distributed broadcast medium.

Seems close to ideal to me, the problem being as Tim points out: bandwidth limitations. The bandwidth limitation is debilitating; to overcome this we have to relax security, for example by using remailers rather than USENET for all but indexes of documents.

One criticism I noticed several people raise was that USENET would be shut down as a way to kill eternity USENET when something controversial gets posted.

However it seems to me that the weakest point is the remailer network. It seems likely that it would be much easier for governments to shut down the remailer network than it would be to shut down USENET. There are only around 20 or so remailers, and they all have known IP addresses, operators, localities, etc. I expect the spooks could shut them down with less than 1 day's notice if they wanted to.

So, where would blacknet, and eternity USENET be after that?

How do we improve the resistance of the remailer network to well resourced attackers intent on dismantling it?

Adam
At 6:37 PM -0800 1/15/98, Tim May wrote:
At 5:25 PM -0800 1/15/98, Adam Back wrote:
Ryan Lackey <rdl@mit.edu> writes: However it seems to me that the weakest point is the remailer network. It seems likely that it would be much easier for governments to shut down the remailer network than it would be to shut down USENET. There are only around 20 or so remailers, and they all have known IP addresses, operators, localities, etc. I expect the spooks could shut them down with less than 1 day's notice if they wanted to.
Well, I have long argued for the need for thousands of remailers, esp. the "everyone a remailer" model.
But, although I agree we need many more remailers, I think Adam overstates the ease with which remailers can be shut down, at least in the U.S.
Came across this paper and thought it might address remailer reliability, "How to Maintain Authenticated Communication in the Presence of Break-ins," http://theory.lcs.mit.edu/~tcryptol/OLD/old-02.html --Steve
-----BEGIN PGP SIGNED MESSAGE-----

Adam Back:
Public access servers aren't a good idea. Really people should be running local access servers only. The index is local, cache is local, and USENET is a distributed broadcast medium.
True.
However it seems to me that the weakest point is the remailer network. It seems likely that it would be much easier for governments to shut down the remailer network than it would be to shut down USENET. There are only around 20 or so remailers, and they all have known IP addresses, operators, localities, etc. I expect the spooks could shut them down with less than 1 day's notice if they wanted to.
How do we improve the resistance of the remailer network to well resourced attackers intent on dismantling it?
By having anonymous remailers which are themselves anonymous -- running on discarded accounts, only known by a few other remailers, not the general public, perhaps by splitting up remailer addresses as a shared secret, so one remailer knows there is a "foo remailer" it can use, and has 1 of 3 where 2 pieces are necessary to have the address, and sends it to another remailer which may have the other part of the address. Perhaps probabilistic routing? Remailers which don't know all the components to an address, see how many they can assemble, and choose randomly? It does make enforcing "I want this remailed through multiple independent groups in case you're a fed" more difficult for the user -- perhaps they could send pieces of the message to be reassembled inside the remailer network?

All of this is great, but it's a lot of work, and remailers are quickly consumed in this model. Thus what I think is the true solution: Providing a financial incentive for people to run remailers. This requires digital cash. I believe digital cash will soon exist, and thus this will soon be possible.

(Also, a lot of these techniques would be valid in a higher performance non-email based system. Or even in a "type III" remailer network where secret sharing and probability and high traffic are used in place of message pools. Message pools are a direct tradeoff of performance for security -- an unacceptable tradeoff for current interactive systems, unless one could prefetch very effectively, or if so many people used a server that its message pool would not need to sit around very long -- this means the average user would be using a very small amount of the resources of a very large and highly loaded server -- this makes the large and highly loaded server an attractive target for attack.
Adam
- --
Ryan Lackey rdl@mit.edu http://mit.edu/rdl/

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBNL8uuKwefxtEUY69AQGUuwgAwl0YJM/Qd7uPySeEWQq+Dne0HezmAKSl
iNkJmgK352V1xz2wBqKtCnvt74WffvonA8ggtlq7Qw/KrYP+i0gkYmQ0wm7FDeWc
rhpLtymFhr7BDyGV2gusiYHOW9yFCQ381YeXxSuc/l3SKi2IV9l3fXFcGlMCRr1E
vHUYPimEGSiKJgr6P0wjS++6fz0KYlkKy4US4YUIFqh0jmoIf018UgZPVhwnmaj6
pyzzesRk0X183fmDinXwQCP/UE+DnwfYl5tl9Uv+cRXRbkRZe6zLik+gig1H9inz
SIdkGS9PjV2EuA+kKysFEARWaLh8U6oppBwJrk/cUs6zdBAgnNo/sw==
=/ssf
-----END PGP SIGNATURE-----
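Ryan's "1 of 3 where 2 pieces are necessary to have the address" is a threshold secret sharing scheme. As an added example (not code from the thread or from any remailer), here is Shamir's scheme over the prime field GF(2^521 - 1) applied to a remailer address: the address becomes the constant term of a random polynomial, each remailer holding a piece gets one point on it, and any two points recover the address while a single point is a uniformly random field element. The sample address, the function names and the choice of field are assumptions; the code handles the general k-of-n case, not only the 2-of-3 in the post.

```python
import secrets

# Added example, not from the remailer code or Ryan's post: Shamir secret
# sharing of a remailer address. Arithmetic is over GF(P) with P = 2^521 - 1
# (a Mersenne prime), so any address shorter than 65 bytes is one field element.

P = (1 << 521) - 1


def _eval_poly(coeffs, x):
    """Evaluate coeffs[0] + coeffs[1]*x + ... at x, mod P (Horner's rule)."""
    y = 0
    for c in reversed(coeffs):
        y = (y * x + c) % P
    return y


def split_address(address, threshold=2, shares=3, rand=secrets.randbelow):
    """Return (byte_length, [(x, y), ...]); any `threshold` shares recover it."""
    data = address.encode("utf-8")
    if len(data) >= 65:
        raise ValueError("address too long for this field")
    secret = int.from_bytes(data, "big")
    # Random polynomial of degree threshold-1 whose constant term is the secret.
    coeffs = [secret] + [rand(P) for _ in range(threshold - 1)]
    return len(data), [(x, _eval_poly(coeffs, x)) for x in range(1, shares + 1)]


def recover_address(byte_length, shares):
    """Lagrange interpolation at x = 0 over the supplied shares."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret.to_bytes(byte_length, "big").decode("utf-8")


def share_alone_fits(byte_length, share):
    """Whether a lone share's y value even fits in the address's byte length.
    With overwhelming probability it does not: y is a random element of
    GF(P), and P is about 2^521 while a 30-byte address is under 2^240."""
    return share[1] < (1 << (8 * byte_length))


if __name__ == "__main__":
    # Constructed address for the demonstration.
    n, sh = split_address("foo-remailer@example.invalid")
    print("shares:", [(x, hex(y)[:18] + "...") for x, y in sh])
    print("from shares 1+3:", recover_address(n, [sh[0], sh[2]]))
    print("share 1 alone fits the address length:", share_alone_fits(n, sh[0]))
```

Each remailer in Ryan's design would hold one `(x, y)` pair; the two that meet to forward a message pool their pairs and call `recover_address`. Fewer than `threshold` pairs give no information about the address, which is the property that lets the "foo remailer" stay unknown to any single operator.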
At 5:25 PM -0800 1/15/98, Adam Back wrote:
Ryan Lackey <rdl@mit.edu> writes:
(Eternity-USENET is vulnerable to technical Denial of Service attacks with the current small number of indexing servers, even if it is protected from legal issues. I think illegal or extralegal attacks are as dangerous as the legal ones)
Public access servers aren't a good idea. Really people should be running local access servers only. The index is local, cache is local, and USENET is a distributed broadcast medium.
Seems close to ideal to me, the problem being as Tim points out: bandwidth limitations. The bandwidth limitation is debilitating; to overcome this we have to relax security, for example by using remailers rather than USENET for all but indexes of documents.
This was my point, and has been for years (though not in the context of "Eternity"). To wit, save the bandwidth for _pointers_, not raw data.

To make this concrete, suppose Alice is in possession of a set of photographs of Bill Clinton engaged in sex with his mistresses (Paula Jones, Gennifer Flowers, Tammy Faye Baker, Margaret Thatcher, etc.). The file size is 5 MB. The pointer to this file is _much_ shorter, namely, a text description, and/or possibly a set of blurred thumbnails. And if the file is only occasionally requested (or purchased), it makes no sense to blast it to the Usenet frequently (*).

(* And how frequent is frequent, even in Eternity Usenet? I argue there is little point in blasting such files on a weekly basis, say, as even that is *much too slow* for someone who really wants the file NOW. A "call and response" system, to borrow a phrase from the blues, makes a lot more sense.)

Additional dimensions or axes are: how many requestors? and how many suppliers?
One criticism I noticed several people raise was that USENET would be shut down as a way to kill eternity USENET when something controversial gets posted.
I have not argued this. Usenet is notoriously hard to "shut down." However, it is quite likely that newsgroups carrying vast amounts of "Eternity Usenet" stuff will overload the system and effectively force the newsgroup to not be carried by many sites (just as alt.binaries.pictures.* groups are already excluded from many newsfeeds, for both bandwidth/storage and naughtiness reasons).
However it seems to me that the weakest point is the remailer network. It seems likely that it would be much easier for governments to shut down the remailer network than it would be to shut down USENET. There are only around 20 or so remailers, and they all have known IP addresses, operators, localities, etc. I expect the spooks could shut them down with less than 1 day's notice if they wanted to.
Well, I have long argued for the need for thousands of remailers, esp. the "everyone a remailer" model.

But, although I agree we need many more remailers, I think Adam overstates the ease with which remailers can be shut down, at least in the U.S. Although there are many "extralegal" atrocities committed in the U.S., as in all countries, consider some "protections" which exist in the U.S. (I am no expert on English common law, so will confine myself to the U.S., where at least I have some knowledge):

1. The First Amendment is incredibly powerful ammunition against a blanket shut down of "speakers" or "publishers." Vast amounts could be written on just this one point. Basically, if the U.S. Government was constitutionally unable to stop even the publication of the Pentagon Papers, how could Joe's Remailer be enjoined from passing along received messages?

2. Even a hypothetical law requiring senders to identify themselves, seen by some as an end to remailers, would be easily surmounted by interpreting remailers as "commenters." By this I mean the following: "Hey, Fred's Commenter Remailer, look at the weird message I just received: lke[i=39023pok=94pk[e=f 3r93ir=-039r=30r9p0ir-3r9i3=r0923= 1-903u-q938-398-9 etc. Any comments on what this means?" In other words, unless the right to _comment_ on a received letter or message is quashed, I can simply comment on such messages. (Of course, Fred's Commenter Remailer would do the same with the next in line.... I mention this not because I think it is likely, but to show the can of worms the government would open if it tried to "ban remailers."

3. Encrypted speech is speech. So long as speech is legal, encrypted speech is legal. Any law limiting encrypted speech is limiting speech (in an overbroad way, not the narrowly defined "shouting fire" cliches). So long as encrypted speech is legal, remailers will be legal.

--Tim May
So, where would blacknet, and eternity USENET be after that?
How do we improve the resistance of the remailer network to well resourced attackers intent on dismantling it?
Adam
The Feds have shown their hand: they want a ban on domestic cryptography
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
ComSec 3DES:   408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^2,976,221   | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."
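Dan's "persistent naming system for each document" and Tim's "pointers, not raw data" fit together when the name is the hash of the document's bytes: the index entry that gets broadcast stays a few hundred bytes however large the file is, the "call" in call-and-response asks by name only, and whoever answers can be checked against the name, so a supplier cannot pass off a different file. This is an added example, not code from Eternity or from any post in the thread; the record layout, the one-line JSON index format and the function names are assumptions.

```python
import hashlib
import json

# Added example (not from Eternity or any of the posts): a self-certifying
# pointer record. The document's persistent name is the SHA-256 of its bytes,
# so an index entry is small regardless of document size and a requester can
# verify any copy a supplier returns using the name alone.


def document_name(data):
    """Persistent, content-derived name: same bytes, same name, anywhere."""
    return "sha256:" + hashlib.sha256(data).hexdigest()


def make_pointer(data, description):
    """Index entry for broadcast: name, size and a description, no payload."""
    return {"name": document_name(data), "size": len(data),
            "description": description}


def pointer_line(pointer):
    """One line suitable for an index post; sorted keys keep it canonical."""
    return json.dumps(pointer, sort_keys=True, separators=(",", ":"))


def parse_pointer_line(line):
    """Parse an index line, rejecting records that could not be verified."""
    p = json.loads(line)
    for key in ("name", "size", "description"):
        if key not in p:
            raise ValueError("malformed pointer: missing " + key)
    name = p["name"]
    if not (isinstance(name, str) and name.startswith("sha256:")
            and len(name) == 7 + 64):
        raise ValueError("malformed pointer: bad name")
    if not isinstance(p["size"], int) or p["size"] < 0:
        raise ValueError("malformed pointer: bad size")
    return p


def request_for(pointer):
    """The 'call' in call-and-response: ask by name only."""
    return {"want": pointer["name"]}


def verify_response(pointer, delivered):
    """Accept a supplier's copy only if it hashes to the requested name."""
    return (len(delivered) == pointer["size"]
            and document_name(delivered) == pointer["name"])


def demo():
    # Constructed document standing in for Tim's 5 MB file.
    doc = b"constructed document bytes " * 2000
    ptr = make_pointer(doc, "constructed: large binary, thumbnails elsewhere")
    line = pointer_line(ptr)
    honest = doc
    tampered = doc[:-1] + b"!"  # same size, different content
    parsed = parse_pointer_line(line)
    return {
        "doc_size": len(doc),
        "pointer_size": len(line),
        "request": request_for(parsed),
        "honest_ok": verify_response(parsed, honest),
        "tampered_ok": verify_response(parsed, tampered),
    }


if __name__ == "__main__":
    print(demo())
```

The size field is only a cheap early reject; the hash comparison is what makes the name binding. A pointer that carried the description alone, with no hash, would leave the requester unable to tell a substituted file from the real one.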