Re: Message Havens, gopherholes
-----BEGIN PGP SIGNED MESSAGE----- Okay, I think the discussion has forked somewhere along the way to "gopherholes" and "message havens". While I described the message havens, maybe I didn't do so clearly (after all, it's all worked out in my mind!) and I may be overlooking something a fresh perspective will see. But, the advantages of a message haven are: * it doesn't send mail, thus eliminating what are the strongest objections to anonymous mail - you can't harrass somebody * it doesn't require you to tell it what messages you want to retrieve * it doesn't keep a list of pseudonym and true identity mappings, which seems to be required for "gopherhole" operation * it doesn't even need to have a public key: you and your partner can use each other's keys, and in every response to a message, you can specify what to name the next message, and even include a brand new public key if you want, etc. * if you retreive all the messages, the haven can't figure out who you are communicating with (actually, it can't figure out who is communicating with you) Now, about gopherholes: [description of how randomization and tag changes will make it hard to associate pseudonyms and true names]
Yeah, it certainly isn't trivial to attack. However, I'd like to
Unless I missed something, you have to tell the "gopherhole" what messages you want to receive. This allows the goperhole to associate your psuedonym and true identity. More comments! About message havens and gopherholes. Nice to see some crypto being discussed ;) Karl Barrus klbarrus@owlnet.rice.edu -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLdMGfYOA7OpLWtYzAQHT2gP9GEpOePu8gUp/u4E37pWF8WhkyFaGwpqw nAkpqhanf8gCOsvPRhk4lvwETZ20hoCRzgR2bZzIq4F4bgtvx659bbElNBZv8kKu 5xYlMm+cV3MCwwTYXaBz7ItIl8ZC6rfQLdc2LAXhvJvjdaxHTpDeySN5l1gTdCII j9SQvUGYG1w= =/NkS -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Ok, here's my vision: Set up an ftp archive site. Assign it a pgp key pair. Set up one of those ftp-by-mail programs. To send a message to someone, you give it a random name, asciify it, and use a chain of anonymous remailers to deposit it on the ftp site (some crypto-dollars may be required at this point). Included with the main file is a file with the same name but a .txt extension, containing some info that will identify it to the reciever (could be the key id# that it's encrypted to, or something like "the chicken turns grey at dawn" or whatever). When you want to check for messages, you string a message through a few remailers and ftp (it would accept encrypted reply blocks) *.txt back to you... then just grep them to determine the target file and repeat the retreval process... Hmmm.. ok I just realized that this defeats the whole point of the message haven thing, as it also could be used for harrassment... oh well, maybe there'll be a use for it anyway.. but I cant think of it now... damn. Hmm how 'bout this then: just take a message pool like pool-0 or whatever, and set it up so that when it receives a message it throws it onto an ftp site, with a separate file for each day's mail. That way you could ftp once per day and get all the messages at once, and it wouldn't clutter up your mailbox. Sender untraceability due to remailers. Receiver untraceability due to getting all messages. Lack of harrasement potential (can't force someone to ftp something). And resistance to mailbombing attacks with the implimentation of digital postage and storage fees. Happy Hunting, -Chris. ______________________________________________________________________________ Christian Douglas Odhner | "The NSA can have my secret key when they pry cdodhner @ indirect.com | it from my cold, dead, hands... But they shall pgp 2.3 public key by finger | NEVER have the password it's encrypted with!" cypherpunks WOw dCD Traskcom Team Stupid Key fingerprint = 58 62 A2 84 FD 4F 56 38 82 69 6F 08 E4 F1 79 11 - ------------------------------------------------------------------------------ PGP NSA ViaCrypt Phrack EFF #hack LOD/H 950 FBI MindVox ESN KC NUA murder QSD Hacker DEFCON SprintNet MCI AT&T HoHoCon DNIC TRW CBI 5ESS KGB CIA RSA Communist terrorist assassin encrypt 2600 NORAD missile explosive hack phreak pirate drug bomb cocain payment smuggle A.P. bullets semi-auto stinger revolution H.E.A.T. warheads porno kiddiesex export import customs deviant bribe corrupt White House senator congressman president Clinton Gore bootleg assasinate target ransom secret bluprints prototype microfilm agents mole mafia hashish everclear vodka TnaOtmSc Sony marijuana pot acid DMT Nixon yeltsin bosnia zimmerman crack knight-lightning craig neidorf lex luthor kennedy pentagon C2 cheyenne cbx telnet tymenet marcus hess benson & hedges kuwait saddam leader death-threat overlords police hitler furer karl marx mark tabas agrajag king blotto blue archer eba the dragyn unknown soldier catch-22 phoenix project biotech genetic virus clone ELINT intercept diplomat explosives el salvador m-16 columbia cartel -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLdM8g+Kc9MdneB1xAQFaigP/U0BEsElcDfn54B7vgSzsDCvBL/c1cl4t CRbM5YMxVuUDt+eXt09fxDwy93XFJN6eWHNTZvlVgPX36WRrAxZ9EL6hmk4KanfW LqhSo/4B0jFY3I5XFK1JiSWfiI6iu974HHrecVUvK3fjODkNxzse/cdBvAhCtZx9 Bp0TBXlJc7I= =y4YS -----END PGP SIGNATURE-----
participants (2)
-
cdodhner@indirect.com -
Karl Lui Barrus