Fw: Garbled passthru mix key (Mixmaster ate my messages!!)
The problem w/ the mix chains is being sparesly discussed on the remailer-operator list (see enclosed email below). No ETR as of 2001/03/06 for down chain: http://www.publius.net/mixmaster-list.html -- gomes@navigo.com Carlos Macedo Gomes _sic itur ad astra_ 1; ----- Original Message ----- From: "Computer Cryptology" <turing@eskimo.com> To: "cmeclax po'u le cmevi'u ke'umri" <cmeclax@ixazon.dynip.com> Cc: "Remailer Operators Mailing List" <remailer-operators@anon.lcs.mit.edu> Sent: Tuesday, March 06, 2001 7:11 PM Subject: Re: Garbled passthru mix key
-----BEGIN PGP SIGNED MESSAGE-----
On Tue, 6 Mar 2001, cmeclax po'u le cmevi'u ke'umri wrote:
de'i Tue, 06 Mar 2001 la cmeclax po'u le cmevi'u ke'umri cusku di'e
Turing and I have been doing some tests and have found that when passthru sends his key through lucifuge, austria, and perhaps cyggy or randseed, the key is Randseed is the culprit, though cyggy should be aware that his key may suffer the same fate.
To summarize, the key from passthru2 passes without problem through afpress, dizum, farout, frog2, green, gretchen, lefarris, lsd, shinn, steeleye, winter, and xganon. It has the middle missing when it passes through austria, lucifuge, and randseed.
I'm attaching at the bottom the key as lucifuge delivers it. The "[...]" is *not* my edit, but the problem.
In June (on or around the 25th) of last year Peter posted this problem to APAS. At the time, though, dizum was modifying keys. Someone then posted a code change for Mix, that exempted Mixmaster keys from the binary detection the same way that PGP keys are exempt. Does someone still have that code change? Can austria, lucifuge, and randseed be patched, or should we warn middle remailers? Those that don't send directly might want to avoid chaining Mix keys through these remailers otherwise.
-----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
iQEVAwUBOqV8VDzxF7DEd0ehAQHujQgAmBSzThaV66SB3/1z6wT0WUQezXiy/epq FhamGnIvlXg+IIaU3uV9KkkOxU4QxEdsoZicso5OOPZYYgqt3Lh377p4ztbDKYw1 5laLpZucbbKRyaqQ4NsEfopJx1f4aKhH0XtVgBRbENAD6+VuvjyQ5D1YTeTzQ4Iy YJJkjapIHbBZT+jztyCTKAj/BMObvrhri/mUc7BJXOFFrUhpgqzMwfjP5sDCBOpF cuXc/nI3DZegG5labuUj6sckyEZR+d/Y84SR9Rxw842on32jmcDka4ryFSGvJ/Tm jfh4kuJHY1IEfEBMtrZmw5WDp9kp8x+BmV10OXH9Ctsk5wkbZ8/1eA== =Zzj9 -----END PGP SIGNATURE----- -- Computer Cryptology RSA Fingerprint = 2476BB9C15F3612778C53A87F915CA1D
From nobody@harrisherd.com Tue Mar 6 15:57:50 2001 Date: Tue, 6 Mar 2001 02:18:58 -0500 From: Anonymous <nobody@harrisherd.com> To: turing+passthru2=remailer-key=983854611@eskimo.com Subject: Mixmaster key for Passthru's 2nd incarnation
Here is the public key for Passthru's 2nd incarnation:
=-=-=-=-=-=-=-=-=-=-=-= passthru2 mixer@immd1.informatik.uni-erlangen.de c07b204924a69939651ec445fd5b2404 2.0.4b40 MC
-----Begin Mix Key----- c07b204924a69939651ec445fd5b2404 258 AATAD7wE2XqELmZ7SHVtuPQjDOjVjhIrXpL5j5Gs 7xEi6GXvCOS4vWyzmmZiTQjIimpBv4+PeyAAk6bm pBRHqSyXzf4SkZAzqxpqOmBn9nTC8ML3wmFuMsZU [...] AAAAAAAAAAAAAAAAAAAAAQAB -----End Mix Key-----
-----BEGIN PGP SIGNED MESSAGE----- On Tue, 6 Mar 2001, Carlos Macedo Gomes wrote:
The problem w/ the mix chains is being sparesly discussed on the remailer-operator list (see enclosed email below).
The problem under discussion on the remailer-operators list is different from the problem mentioned on the CDR. The latter question is, Why are there only five useful remailers on publius.net's Mixmaster list? The answer to that question is on the page itself (http://www.publius.net/mixmaster-list.html): the keyring was last updated *199 days* ago. Comparing publius statistics to other Mixmaster statistics sources (http://www.eskimo.com/~turing/remailer/stats/db/mlist.html) shows that publius is the only statistics (stats) source to list several remailers, doesn't list a dozen remailers that a majority of other stats sources include, and lists many remailers at 0.00% reliability (as noted on CDR). In short, publius is out of date. A recent list of stats sources is available on the comparison page cited above, or in the alt.privacy.anon-server FAQ on anonymous remailer use section on statistics (http://www.eskimo.com/~turing/remailer/FAQ/faq.5.html). Particularly relevant to the questions on CDR ("Why are half the remailers down...?" and "Is there a better list?") are these FAQs: Where can I find stats pages? http://www.eskimo.com/~turing/remailer/FAQ/faq.5.html#3 Why are there dead remailers on the stats pages? http://www.eskimo.com/~turing/remailer/FAQ/faq.5.html#4 -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com> iQEVAwUBOqW2hTzxF7DEd0ehAQHklwgArk5pIo6D/mpREWDellh/v6EDUakYOa6d Vh7tIod46MHpWQdvDl2C0PYjUdQodh24gaz2lttclRsGJ4e5E3v8cQdw5OkWOmUS GoEfrgFro1C9D3LGlPuB1n0gLjVniQci4/8xrY8VB3VXrRLEy7gLLY1+ZND1Ln9Q 8/JDzoMIjEUSL1E+9/CGEh/CItvdrGDwDHlE848+G8dFBy857IGQQ+9V9rsHgjMG gHleUE/t1/xceJt0/26iDn5LXulArWyw7+nGkvS476tpyD3MJr2121mUn8d2JGHa KMNOURyI+5rs2WZjvMrQSNV7mrIm3Mb2eTH3ZMVQxLHugtzs7YqBrA== =3QcO -----END PGP SIGNATURE----- -- Computer Cryptology RSA Fingerprint = 2476BB9C15F3612778C53A87F915CA1D
participants (2)
-
Carlos Macedo Gomes -
Computer Cryptology