WARNING: This site is still in "alpha" state, and may have bugs. Please test it, but do not rely on it for truly sensitive pseudonyms until it has been tested for a while. Please report all bugs and problems to <admin@nym.alias.net> so that we can fix them. * SETTING UP A MAIL ALIAS: To set up an anonymous mail alias on nym.alias.net, you must first generate a new PGP public/private key pair for use with your mail alias. Do this by running "pgp -kg". You will be asked to choose a user-id for your new key. When you are prompted for the user-id, type something not very descriptive that gives no indication of either your real identity, the alias name you will choose, or even the nym.alias.net machine. Unlike your regular PGP key, you should make an effort to keep your remailer public key relatively secret, and you should not use it for any other purpose. Do not sign it, and do not submit it to any key servers or give it out to anyone. To make sure you don't accidentally sign other messages with your pseudonym's private key, you should probably choose a new passphrase for your remailer key. You may also wish to put a line like: MYNAME = <your.real@e-mail.address> in the file $HOME/.pgp/config.txt (which you can create if it does not already exist). Once you have a PGP key for your pseudonym, extract it to a file (for instance with "pgp -fkxa 'key ID' > tmpfile". Next, create a reply block for yourself. First choose some passphrases for conventional encryption. Suppose you want your message encrypted first with your public key, then with shared key "passphrase_b", then with shared key "passphrase_a". Create a remailer message like this ("Latent-Time: +0:00" will prevent any delay--use something longer for more security.) :: Request-Remailing-To: you@your.email.address Latent-Time: +0:00 Encrypt-Key: passphrase_a ** PGP encrypt this with a remailer's public key (you can get remailer information from fingering remailer-list@kiwi.cs.berkeley.edu, and you can get the keys by running "finger pgpkeys@kiwi.cs.berkeley.edu | pgp -fka"). This will yield a message like this: -----BEGIN PGP MESSAGE----- Version: 2.6.2 hIwC/nqSW1QDQfUBBACknZMV93wFS2CH0orlgslmEm+alhjI1eKwbbTTmeRWC5Rg /S3vZw+95ZuCZfqxKE0XrgZXzOEwfoyBcpVvf9Pb9D19TqEMTmmL/Jpl1xcxmbJ2 OGsHpQ/TxpazBCVhdBmPblj5wWvwfG1+ZKpIkQ5hiLJhryQM/TUDarEscs3zdaYA AAB5231aMcQ74AKoDZizABMF3Tw+olV4mm4jVo9cMn2B3Rj2XBFl4pV9VL3h0ZQB cPY/ytBRyZPugr0NpLgjO+q6mEjCcgQrxpYQ+1PvFPdDx1GmJ5ogZqW+AVHsNqAp vRoiG8ZhXs4r3E8liFsNtMMf6CUAsdV2ZoX1Hw== =Bla3 -----END PGP MESSAGE----- Prepend to this the following header: :: Encrypted: PGP And finally add a command to send to the remailer you chose, yielding a response block for one remailer: :: Anon-To: remailer@utopia.hacktic.nl Latent-Time: +0:00 Encrypt-Key: passphrase_b :: Encrypted: PGP -----BEGIN PGP MESSAGE----- Version: 2.6.2 hIwC/nqSW1QDQfUBBACknZMV93wFS2CH0orlgslmEm+alhjI1eKwbbTTmeRWC5Rg /S3vZw+95ZuCZfqxKE0XrgZXzOEwfoyBcpVvf9Pb9D19TqEMTmmL/Jpl1xcxmbJ2 OGsHpQ/TxpazBCVhdBmPblj5wWvwfG1+ZKpIkQ5hiLJhryQM/TUDarEscs3zdaYA AAB5231aMcQ74AKoDZizABMF3Tw+olV4mm4jVo9cMn2B3Rj2XBFl4pV9VL3h0ZQB cPY/ytBRyZPugr0NpLgjO+q6mEjCcgQrxpYQ+1PvFPdDx1GmJ5ogZqW+AVHsNqAp vRoiG8ZhXs4r3E8liFsNtMMf6CUAsdV2ZoX1Hw== =Bla3 -----END PGP MESSAGE----- ** For greater security, you should repeat this process so that mail to your pseudonym travels through multiple remailers. You can simply encrypt the entire above message with another remailer's public key, and insert the new cyphertext in a message similar to the example one above. Now, to set up a pseudonym on nym.alias.net, you need to mail four things to config@nym.alias.net: The pseudonym you wish to use, a "create" command, your remailer public key, and the response block. The reply-block must always come last in your mail message. Thus, if you wanted to choose the alias <test@nym.alias.net>, you would could a message like this: Config: From: test@nym.alias.net Nym-Commands: create +acksend name="Full Name of Nym Test User" Public-Key: -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.2 mQCNAzGf6A8AAAEEAPknqWEUA8U4+l5TFkD5Fj0COten6bbIe5bBb/1MvI+w6mFl z06CPb2K/Z1fzjT48ZyxwYR+S3jU3Z96JEFRl99HYh3lTIUiBHW/XtwyefF0y61x qYkNuUpSFh9BDBFM7N3uVvaNbzLiFnqCpZLm5ZIfrLcla3qUgkTBtHVi58fRAAUR tDhsY3MgbWl4bWFzdGVyIGFkbWluaXN0cmF0b3IgPG1peC1hZG1pbkBhbm9uLmxj cy5taXQuZWRxPokAlQMFEDGf6ClEwbR1YufH0QEBX60D/jZ5MFRFIFA1VxTPD5Zj Xw2bvqJqFvlwLD5SSHCVfe/ka6ALuxZGFKD/pHpUAkfv1hWqAYsJpi0cf8HSdi23 bh5dUeLJnHHHDmd9d55MuNYI6WTi+2YoaiJOZT3C70oOuzVXuELZ+nZwV20yxe8y 4M3b0Xjt9kq2upbCNuHZmQP+ =jIEc -----END PGP PUBLIC KEY BLOCK----- Reply-Block: :: Anon-To: remailer@utopia.hacktic.nl Latent-Time: +0:00 Encrypt-Key: passphrase_b :: Encrypted: PGP -----BEGIN PGP MESSAGE----- Version: 2.6.2 hIwC/nqSW1QDQfUBBACknZMV93wFS2CH0orlgslmEm+alhjI1eKwbbTTmeRWC5Rg /S3vZw+95ZuCZfqxKE0XrgZXzOEwfoyBcpVvf9Pb9D19TqEMTmmL/Jpl1xcxmbJ2 OGsHpQ/TxpazBCVhdBmPblj5wWvwfG1+ZKpIkQ5hiLJhryQM/TUDarEscs3zdaYA AAB5231aMcQ74AKoDZizABMF3Tw+olV4mm4jVo9cMn2B3Rj2XBFl4pV9VL3h0ZQB cPY/ytBRyZPugr0NpLgjO+q6mEjCcgQrxpYQ+1PvFPdDx1GmJ5ogZqW+AVHsNqAp vRoiG8ZhXs4r3E8liFsNtMMf6CUAsdV2ZoX1Hw== =Bla3 -----END PGP MESSAGE----- Note that the first line of this message was "Config:". ANY MESSAGE SENT TO <config@nym.alias.net> WILL BE SILENTLY DISCARDED IF THE FIRST LINE IS NOT "Config:"! This message must then be encrypted with the nym.alias.net public key, and signed by your new remailer public key. The nym.alias.net public key is listed here (pipe it to "pgp -fka" to add it to your public key ring): -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.2 mQENAzGzy5AAAAEH/2JjaB4AuQff90Mejru+FVptG4/wPmwK7WteavNXJpYxWoRm SzxwNz70q4QCLKBR0QnzXqGeGtCB5IE4dIuPIkMiPvRv57rBaDe4qkzNkgwuZiH9 qGMsOSidCf+xaIJyL7RtljKuDSU8KH2OGIdwEpGa20U+9oXabWCpWwVvfJhgxPFF xhiFLeMzhEUgsVXxIn2ThD8AyHyTUXWd11nvvTeKt+y9qX+7fUDrn6HIl1lFmxQA RAOc83jjDNgWbanHWG9+1g8KFLkBrEdxJtNQeb/JMSZ122Dxda5CwtMnQGI0mCcr dHNr1NA6WWaIfV0pR+sluNWFxNYuTk0OFgtg8c0ABRG0Kzxjb25maWdAbnltLmFs aWFzLm5ldD4vPHNlbmRAbnltLmFsaWFzLm5ldD6JAJUDBRAxumL3RMG0dWLnx9EB AaRTA/4xIgNrem7Yay0/rFfXgoGHUhWsZVhAlQP1fVEIRYuYEC4Biodwx3nYL31r 9IcgBkm/DUddkfCUfroMr7wbm6GnYnrVLc4dZ9ACCjUVX7n5hvanc8/Efx0yE03l D+r9n5liz5X4vk65f+DIw1LykM9zTg/4GNwAENn6H5YTtg6Q+IkBFQMFEDG6YVlO TQ4WC2DxzQEBIvMH/jER9tiQcJG2NvkiOqcIeBSPLb15EPFMg1He3clRIz398ToH iv4oNKZEjVox3O0zowcUW0zfgtzhlMbudOwgoylCpCxVukuF1tsleoGlvDES0iA8 WdnYftt/rr3awf0j2pmLFbCmEDFaebuYgRXGe5yavaSjFDPzjFZqKwTYs5VnKOjP XjI0yrem4PXw6K5sOANJKaa6yFrHJ/58iqbV8Rl7p0qNwwIi1nDn5UgpDOFDqWMq sO9HUjRD2Y+Kmq6qlSg1gKV1hehZuAxHKtJAIZf+MPaI/sRbs79oN5GVwpmqoiZF vz6bLS+qs69kVwg2RQoY2BSAzyUeT+rw70YfLAc= =ekCY -----END PGP PUBLIC KEY BLOCK----- Create the message to nym.alias.net with the command: pgp -seat file config@nym.alias.net -u 'remailer key ID'. Once you have produced a PGP encrypted and signed message, mail it to <config@nym.alias.net> (preferably through some anonymous remailers for maximum security). If the name you chose is available, this will create your mail alias. You can send mail to <list@nym.alias.net> to get a list of pseudonyms already in use. * SENDING MAIL FROM YOUR PSEUDONYM Once you have created a mail alias, you will automatically receive mail sent to that alias (encrypted with the public key you mailed it). To send mail from that alias, simply create a mail message, encrypt it with the nym.alias.net public key, sign it with your remailer key, and mail it to <send@nym.alias.net>. Thus, for example, create a file with (substituting the name you chose for "test"): From: test To: mail2news@anon.lcs.mit.edu Newsgroups: alt.test Subject: ignore this nym test just a test If this file is called "testpost", and your remailer public key ID is "xx testkey", run the command: pgp -seat testpost send@nym.alias.net -u 'xx testkey' This will create a file called "testkey.asc", which you can then mail to <send@nym.alias.net> to post the above test message to the newsgroup alt.test. Any mail you send through send@nym.alias.net will be PGP signed and dated by the nym.alias.net private key to certify its authenticity. If you do not wish your mail to be signed, or if your alias has its own PGP key, you should simply send mail through ordinary remailers (setting the From: address to be that of your nym) and shouldn't need to go through send@nym.alias.net. * CHANGING OR DELETING YOUR MAIL ALIAS To change either your public, your response block, or the parameters of your alias, you can simply send another message to <config@nym.alias.net> as you did to set up the the alias initially (only without the "Nym-Commands: create" command). Once again, the message will have to be both signed and encrypted with pgp -seat message -u 'xx testkey' as described above for sending mail. To delete your alias entirely, send encrypted and signed mail with simply the lines: From: test Nym-Commands: delete (substituting your real alias name for test). After deleting your alias, you should receive PGP-signed mail explicitly acknowledging the deletion of that alias. An acknowledgment simply confirming generic "successful execution" of your request does not indicate that your alias has been deleted. There several commands you can give using the "Nym-Commands:" header in a message to <config@nym.alias.net>. You can place several on on line, separated by spaces, or you can place multiple "Nym-Commands:" headers in the same message. Valid commands are: +acksend/-acksend Enable/disable an automatical acknowledgment each time a message is successfully remailed for your alias through <send@nym.alias.net>. +cryptrecv/-cryptrecv Enable/disable automatic encryption with your public key of messages received for your alias. If public-key encryption is disabled, you absolutely must conventionally encrypt your messages if you wish to preserve your privacy (conventional is a good idea anyway--see the section on security). +fixedsize/-fixedsize When you send the +fixedsize Nym-Command, all messages you receive will be padded to exactly the same size (roughly 10K). This padding will take place outside the public key encryption, and so will only be useful if you also use shared-key encryption. If you do used shared-key encryption, however, (and you really should), having all your messages be the same size will make it significantly harder for anyone to do traffic analisys on mail to your nym. +disable/-disable One of the most effective forms of attack on a pseudonymous remailer such as this is to flood the system with messages for a particular destination. Moreover, because this alias software does not know a message's final destination, it is possible that some joker could point an alias at itself (maybe even using two reply-blocks to create exponentially increasing levels of traffic). To protect against this, if you receive more than 256 messages in one day, your alias will be disabled and further mail to you it will bounce. You will receive mail notifying you of the situation if this happens to you. At this point, you can re-enable your alias by sending a message with "Nym-Command: -disable" to <config@nym.alias.net>. name="My \"Alias\" Name" To set up a name to be printed in all your outgoing messages, like this: From: My "Alias" Name <aliasname@nym.alias.net> You can set it with the name= Nym-Command. Note the outer quotes are necessary even if your name does not contain any white space. Any quotes and backslashes in your name must be escaped with a backslash. create This command must be given when creating a new alias. delete This command deletes your alias and wipes your response block. As described above, you should receive PGP-signed mail explicitly acknowledging the deletion of your alias. An acknowledgment simply confirming generic "successful execution" of your request does not indicate that your alias has been deleted. * REPLAY The remailer keeps a replay cache, and will not accept the same message twice unless each copy has been separately signed. Thus, it is safe to send multiple copies of outgoing E-mail messages through very long remailer chains, if you are worried about one copy not getting through. Whether one or more copies actually make it through, only one copy will go out. One side effect of this is, however, that if you PGP sign a test message and mail in the same message multiple times, it will only work the first time. Note that signatures are only considered valid for a week. Thus, if mail comes to send@nym.alias.net more than a week after you signed it, that mail will be dropped. * MULTIPLE REPLY BLOCKS Sometimes anonymous remailers can be unreliable, and you would like to receive two copies of all your messages through two independent remailer chains. Alternatively, perhaps you want to send one copy of each E-mail message you receive to the bit bucket through a long series of anonymous remailers. You can assign multiple reply blocks to your nym by prefixing each with "Reply-Block:" at the end of a message to <config@nym.alias.net>. For example, the following message to <config@nym.alias.net>: Config: From: test Reply-Block: :: Anon-To: nobody@some.remailer.machine Latent-Time: +0:00 Reply-Block: :: Anon-To: your.real@email.address Latent-Time: +1:00 Will setup your alias to send one copy of each message you receive to "nobody@some.remailer.machine" immediately, and to send a second copy to "you.real@email.address" after up to one hour of random delay. Of course, in order for this to be useful, you should use more complex reply-blocks which chain through multiple remailers. It may also make traffic analysis more difficult if you don't always use the same remailer path. You can assign a probability to a remailer block by adding "p=probability" to the remailer block (where 'p' can be any single letter variable name). For example, consider the following reply-block: Reply-Block: p=0.5 :: Anon-To: you@through.one.remailer Latent-Time: +1:00 Reply-Block: p=0.5 :: Anon-To: you@through.another.remailer Latent-Time: +1:00 Reply-Block: q=0.75 :: Anon-To: nobody@some.remailer.machine Latent-Time: +0:00 3/4 of the time, a copy of a message you receive will immediately be mailed to nobody@some.remailer.machine. After some random delay, your message will be mailed to either "you@through.one.remailer" or to "you@through.another.remailer". Multiple reply-blocks with the same probability variable are mutually exclusive. Thus since the p blocks are "p=0.5" and "p=0.5", and since 0.5 + 0.5 = 1.0, you are guaranteed to get a copy of all your mail. Generally speaking, you will probably want all the weights associated with a particular variable to add up to 1.0 unless the reply-block is just for cover traffic. Bizarre behavior may occur if your probabilities add up to more than one--this is not recommended. While the idea of using many different reply-blocks with small probabilities may seem appealing for defeating traffic analysis, keep in mind that each reply block is traceable back to you. Suppose you have 10 reply blocks for your 'nym, each with probability 0.1. If those reply blocks become compromised, only one of the 10 will have to be uncovered to find out your real identity. * SECURITY If you care about the secrecy of your identity, then the only truly secure way of of protecting it is by pointing all your response blocks to usenet newsgroups. The most important thing to realize about the privacy of your messages is that anyone can determine your PGP public key ID from looking at an encrypted message. That means if you don't conventionally super-encrypt mail, an observer on the network or at a remailer may be able to determine which public key corresponds to which nym, and use this to track messages. If you redirect your mail to news group alt.anonymous.messages, observers will be able to determine your public key ID and observe how much mail you are getting. For this reason, you should conventionally encrypt your mail in addition to public-key encrypting it. If you only want to use conventional encryption for most mail, you can disable RSA encryption by sending signed/encrypted mail with 'Nym-Commands: -cryptrecv' to <config@nym.alias.net>. There is a large benefit to using public-key encryption. If you only use conventional encryption and your reply-block is compromised, then previously recorded messages sent to you will be able to be decrypted. With RSA-encrypted messages, there is no way for anyone but you to read the message once it has left nym.alias.net. * POLICY Any use of this alias service for illegal purposes is strictly prohibited. Do not rely on this nym server to protect your identity. You should be relying far more heavily on the integrity of the remailers through which you chain your replies. The nym.alias.net service is provided in the hope that it will be useful, but the administrators can make NO GUARANTEES WHATSOEVER that your identity will not be compromised. That said, we will make a reasonable effort to keep the machine secure and to ensure that your reply block never gets backed up to tape or otherwise copied. Note, however, that your PGP public key will get backed up to tape, and so will likely be available for a while even after you delete your Nym. The server also keeps, not backed up, two additional pieces of information on your nym: First it counts the number of messages your alias received in the current 24 hour period, so as to detect flooding attacks and alias loops with exponential message explosion (see the description of the -disable Nym-Command for more info). Second, the server stores the date of the last day on which you sent a PGP-signed message to config@nym.alias.net or send@nym.alias.net. This is to help garbage-collect inactive accounts with lost PGP keys at some later point should that become necessary. Nym.alias.net is the same machine as anon.lcs.mit.edu. Keep this in mind when choosing which remailers to chain through. (In other words, using mix@anon.lcs.mit.edu as your last hop for mail to nym.alias.net is probably a good idea if and only if you you also chain through one more hop than you would otherwise have felt comfortable with.) * E-MAIL ADDRESSES <admin@nym.alias.net> The address to contact if you are having any problems with nym.alias.net. <help@nym.alias.net> Sending mail to this address gets you a copy of this help file. <remailer-key@nym.alias.net> Get the PGP public key for nym.alias.net. <list@nym.alias.net> The address to contact for a list of all taken pseudonyms. <config@nym.alias.net> The address to which to send configuration messages. All messages to this address must be PGP encrypted and signed with "pgp -seat". In addition, THE FIRST LINE OF PGP-SIGNED TEXT IN A MESSAGE TO config MUST BE "Config:". Otherwise your message will be completely ignored. When sending one or more reply-blocks to <config@nym.alias.net>, they must come at the end of the message after any Public-Key: or Nym-Command headers. <send@nym.alias.net> To send mail from your alias address, PGP encrypt and sign the message with "pgp -seat", and mail it to this address.