Timothy C. May wrote:

At 10:25 AM -0800 3/23/97, "Dr. Roberts" wrote:

...

The remailer network itself may be treated as a black box. This means that if you suspect certain people are posting messages to a certain list you need only watch the timing of the suspect's posts to verify guesses. This makes an attack on the remailer network quite inexpensive because you need to monitor a relatively small number of people in your jurisdiction.

If a mix accumulates, say, 100 messages, and posts one of them to some destination, no amount of "timing" analysis points to which of the 100 incoming messages was the source...this is the essence of mixes/remailers. (Modulo the usual assumptions about message size, encryption, etc.)

I wouldn't be so certain about this. Consider the fact that the remailers can be initially studied through relatively _pure_ analysis, for starters. i.e. - a series of slow periods of remailer use where and entity can ensure that almost all of those 100 messages belong to them. Thus the remailer can be studied for non-random patterns that may be unknown even to the operator himself. Then consider the fact that many of the people using remailers have habits and patterns that can easily be studied and followed. i.e. - Time periods online, standard delay time used in posting commands, frequency and volume of their posts. You must also consider context and syntax analysis that point to the true author of anonymous posts, and the fact that, once known, their personal systems can be monitored to reveal the exact time and nature of their input into the remailers. Even knowledge of killfiles can eliminate some of the overhead for traffic analysis, eliminating some sources as being responsible for volume of anonymous email directed at certain subjects or authors. Many of the factors involved in traffic analysis can be obtained outside of the realm of actual input and output of the remailers themselves, thus narrowing the range of _unknown_ factors in that analysis. Certainly there has been much thought and consideration given to the remailer system, by people who allow for various methods of attack on and/or analysis of their system. However, the assumption of 100 _random_ messages can drop pretty fast when one takes into account the number of factors that may turn some of these messages into quantifiable and easily analyzed entities. Add to this the possibility of factors that are known to the attackers, but not to the defenders, and the margin of security drops even further. Care must be taken to realize that even if one is making efforts to conceal their email traffic, that the results of their efforts are also affected by the person who always posts between 4 and 6 pm, who always posts via the same remailer and who always uses a 2 hour delay command in his posts. One needs to remember, as well, that with the capabilities of autobots and switching mechanisms, that to flood a system or systems at certain critical times is an insignificant obstacle to inputing a large quantity of _know_ data into the frame of analysis.

...

Would anybody like to post some references? What is required to have a rock solid remailer network?

Dr. Roberts

Why not do the research into these references yourself and then post them?

This is an asinine statement. If you are interested in furthering the interests of privacy through encryption and remailers, why don't you aide someone asking for pointers to better information? Is this list reserved for those who already know it all? Can you say "statist?" Sure, you can.

As for what it would take to make a rock solid remailer network, go back and read some of the many hundreds of articles many of us have written on this subject, read Chaum's original 1981 CACM short article, and carefully study DC-Nets.

If all information was in those articles, then I suspect that the remailers would already be "rock solid." Rather than living in the past, as if all possibilities had already been discussed and decided, it might better serve some list members to take their hard-earned knowledge and apply it to today's situation, with new technologies, methodologies, routings, etc. Not only have these things changed, but the types and number of people who use them have also changed, thus changing the scope of possible approaches to traffic analysis. TruthMonger S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~