Tim mentioned that not many people on the list have expressed interest in the remailers, and it occurs to me that maybe people don't all share the vision of why this crypto technology is important. I'm trying to recall how I learned about the possibilities of this technology. I recall reading "True Names" a few years ago. Vinge had his netters exchanging mail anonymously. The hero downloaded a big batch of messages from a BBS and tried decrypting all of them to see which were for him. Okay, I thought, that would be a way of disguising which messages you were _receiving_. Then Vinge said something like "and using more elaborate techniques, the sender of a message could be hidden as well." Hold on, I thought. That will never work. If they tap your line, they're going to know exactly what messages you're sending. Too bad. Vinge had a clever idea going, but it's flawed. I only learned about Chaum's crypto stuff last year. Somebody on the Extropians list mentioned PGP, and I'd always had a casual interest in crypto, so I downloaded it and played with it some. I thought it was great and really got into it in a big way. This got me interested in crypto in general, so I started doing some library research. When I found Chaum's stuff, it just blew me away. The first article I found, I think, was his CACM paper which is an overview of many of the things that are possible. I started trying to track down other papers by Chaum. Here were all the technologies needed to make Vinge's world work, technologies which Vinge apparently knew about long before I did. It seemed so obvious to me. Here we are faced with the problems of loss of privacy, creeping computerization, massive databases, more centralization - and Chaum offers a completely different direction to go in, one which puts power into the hands of individuals rather than governments and corporations. The computer can be used as a tool to liberate and protect people, rather than to control them. Unlike the world of today, where people are more or less at the mercy of credit agencies, large corporations, and governments, Chaum's approach balances power between individuals and organizations. Both kinds of groups are protected against fraud and mistreatment by the other. Naturally, in today's society, with power allocated so disproportionately, such ideas are a threat to large organizations. Balancing power would mean a net loss of power for them. So no institution is going to pick up and champion Chaum's ideas. It's going to have to be a grass-roots activity, one in which individuals first learn of how much power they can have, and then demand it. Where do the remailers fit in? They represent the "ground floor" of this house of ideas - the ability to exchange messages privately, without revealing our true identities. In this way we can engage in transactions, show credentials, and make deals, without government or corporate databases tracking our every move as they can today. Only by securing the ability to communicate privately and anonymously can we take the next steps towards a world in which we each have true ownership and control over information about our lives. Chaum's ACM paper is titled, provocatively, "Security Without Identification - Transaction Systems to Make Big Brother Obsolete." The work we are doing here, broadly speaking, is dedicated to this goal of making Big Brother obsolete. It's important work. If things work out well, we may be able to look back and see that it was the most important work we have ever done. Hal Finney 74076.1041@compuserve.com
Remailers are extremely important, but we also need anonymous IP bouncers. An IP bouncer might work like this: there would be a user, a server, and a target. The server and user would each have key pairs (probably a new pair for each session), and would trade public keys. The user would request a port from the server, and then would issue (encrypted) commands to the server. These commands might include: telnet - open a connection to the target. The target would route its packets to the server, and the server would encrypt them and route them to the user. ignore - get ready to recieve lots of random bits and perhaps pass them on to other servers. This is needed to help a user confuse trafic analysis. A side note: it would be useful to have a standard port on all machines that would accept the encrypted ignore command, so that packets could just be sent off into the ether. Users who use bouncers would want to have their machines open up connections, issue the ignore command, and send random bits at some random interval. mail - act as an anonymous remailer (like the ones we already have set up). port - provide a port that other people can telnet in to. This type of anonymous bouncer would be helpful for everything we do with TCP, including perhaps mail. e
participants (2)
-
Eric Hollander
-
Hal