From: John Perry <perry@vishnu.alias.net>

Well actually... The passphrase in a mixmaster remailer is defined as an environmental variable at compile time. The passphrase is not stored in any cleartext fashion but is embedded in the executable. Additionally the newer Ghio code (Matt's latest revision) has the passphrase defined as an environmental variable in remailer.c. Once remailer is compiled, you can delete the passphrase from the code. I can't speak for the freedom or other remailers as I haven't tried them. It's a little harder to get the key than just looking for a cleartext file that contains it. That is, if the remailer operator is being careful.

OK, I stand corrected regarding the operation of mixmaster. However, this does not gain much security, certainly not in comparison to the effort involved to break a key. It will be just as easy to steal the mixmaster executable as to steal a script file containing a pass phrase. And it might even be possible to run the stolen mixmaster directly to decrypt intercepted incoming mail messages, without even having to type in the pass phrase. Failing that the attacker could easily extract the pass phrase from the mixmaster executable file. The other suggestion that was made here, that the operator would have to manually type in the pass phrase every time the computer rebooted, would be a way of avoiding having the information in the clear on the disk. However it would probably not be a practical method of operation given the reliability of at least the Unix operating systems that I am familiar with. And even then the information is in memory. An attacker who could gain root privileges (and let's not pretend that the NSA can't do that) can dump memory and later comb it for the key information. My point remains that strong keys are pointless for remailers which run on Unix systems connected to the net. Now if you have your remailer on a PC at home, and you're not running anything else on it (like http servers), maybe that is safe. I am not familiar enough with security holes in such a configuration to judge. Probably it would depend on what mail-processing software you run, and the nature of your net connection. Recall that my original comments were in connection with the claim that the government was running most of the remailers. As I said, I still think that is absurd when it would be so much easier to simply steal their keys. Hal