Suppose someone wanted to compromise an anonymous mail-server. Couldn't it be possible without the owner of the mail-server knowing? The attack might consist of monitoring all traffic to and from that address. Unless the server waits a long and random time to forward the incoming mail, couldn't a mapping be made of real-name/possible-anon-names? If a user uses the same anonymous name for long enough (2 times?) couldn't the attacker be very confident of the mapping? If the attacker uses the server themselves creatively, wouldn't the task be even easier?

This seems like a simple cipher easily broken.

I am new to this, so I apologize if this is a dumb question.

Peter Baumbach
baumbach@atmel.com

Peter Baumbach writes:
Suppose someone wanted to compromise an anonymous mail-server. Couldn't it be possible without the owner of the mail-server knowing? The attack might consist of monitoring all traffic to and from that address. Unless the server waits a long and random time to forward the incoming mail, couldn't a mapping be made of real-name/possible-anon-names? If a user uses the same anonymous name for long enough (2 times?) couldn't the attacker be very confident of the mapping? If the attacker uses the server themselves creatively, wouldn't the task be even easier?
This seems like a simple cipher easily broken.
I am new to this, so I apologize if this is a dumb question.
Yes, this is basically the "traffic analysis" problem. This is discussed (briefly) in the "Glossary" located in the Cypherpunks archives at soda.berkeley.edu (in the /pub/cypherpunks directory).

Existing remailers are not secure against either traffic analysis or record-keeping by the operators. Nor are they secure against textual analysis (a lesser problem).

Adding encryption helps against operator record-keeping. Accumulating enough messages (e.g., 10) so that following a message through 10 remailers is problematic is another approach, though nobody is now doing this. (And even with lots of accumulated messages and lots of remailers, statistical evidence can be accumulated. For example, if every time "Deadbeat" posts to some group there was a packet leaving my machine some hours before.....)

David Chaum's 1981 CACM paper/letter described "mixes," which some on this list are pursuing. His even more advanced "DC-Nets" (also covered in the Glossary and in _many_ postings on this list) are information-theoretically secure. We may see them deployed soon, in at least an experimental form.

Not a dumb question, just one that's come up several times. (Someday we may even have a Cypherpunk FAQ.)

-Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.

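Added example, not part of the original thread: a small Python simulation of the reply above, comparing a remailer that forwards immediately with one that accumulates 10 messages, as seen by someone watching the server's traffic. The user count, the pseudonym names and the number of posts are constructed assumptions.

```python
import random

def run_mix(arrivals, batch_size):
    """Threshold mix: hold mail until batch_size messages have arrived, then
    flush them in shuffled order. Returns [(senders_in_batch, outputs), ...]."""
    rounds, pool = [], []
    for sender, pseudonym in arrivals:
        pool.append((sender, pseudonym))
        if len(pool) == batch_size:
            out = [p for _, p in pool]
            random.shuffle(out)  # output order reveals nothing about input order
            rounds.append(({s for s, _ in pool}, out))
            pool = []
    return rounds

def candidates_after(rounds, pseudonym):
    """What link-level observation alone supports: the real sender was among
    the inputs of every round in which the pseudonym's mail left the server.
    Returns the size of that candidate set after each such round."""
    cands, sizes = None, []
    for senders, outputs in rounds:
        if pseudonym in outputs:
            cands = set(senders) if cands is None else cands & senders
            sizes.append(len(cands))
    return sizes

def simulate(batch_size, users=200, posts=8, seed=1):
    """Constructed traffic: user 0 posts as 'anon-A' once per round, alongside
    batch_size-1 other users drawn at random from the population."""
    random.seed(seed)
    arrivals = []
    for _ in range(posts):
        others = random.sample(range(1, users), batch_size - 1)
        batch = [(0, "anon-A")] + [(u, f"anon-{u}") for u in others]
        random.shuffle(batch)
        arrivals.extend(batch)
    return candidates_after(run_mix(arrivals, batch_size), "anon-A")

if __name__ == "__main__":
    print("immediate forwarding:", simulate(batch_size=1))
    print("batches of 10:       ", simulate(batch_size=10))
```

With immediate forwarding the candidate set is a single sender from the first message. Batching starts it at 10, but reuse of the same pseudonym shrinks it round by round, which is the accumulated statistical evidence the reply describes.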
Not a dumb question, just one that's come up several times. (Someday we may even have a Cypherpunk FAQ.)
I will maintain the FAQ if people will send me useful information, such as ftp sites, remailer-reposter sites, short answers to "obvious" questions, etc. I will mail it out on a regular basis and perhaps to new subscribers, if that is possible. Come on folks, give me a hand here! ;^)

+----------------------+----------------------------------------------------+
| J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken.   |
|                      +----------------------------------------------------+
| mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be        |
| Thunder@forum        |  Politically Incorrect!                            |
| (505) 299-2282       |                                <me>                |
+----------------------+----------------------------------------------------+