My remailer and ARA's
miron at extropia.wimsey.com
Tue Dec 22 03:11:25 PST 1992
-----BEGIN PGP SIGNED MESSAGE-----
My remailer does not support ARA's. This is because the requirement
that incoming messages be completely encrypted with its key (any
portion which is not encrypted in this way is dropped).
In any case, the current scheme for ARA's is insecure. This is
because people can send plaintext messages attached to the ARA.
This allows breaking anonymity by monitoring of the traffic from
all remailers and waiting until the message appears at one of
I will implement a more secure scheme. The ARA will include
encryption instructions for each remailer. Since each remailer
will be doing a transformation on the message, the attack above
will not be feasible.
Miron Cuperman <miron at extropia.wimsey.com> | NeXTmail/mime ok
<miron at cs.sfu.ca> | Public key avail
AMIX: MCuperman |
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the cypherpunks-legacy