My remailer and ARA's
Miron Cuperman
miron at extropia.wimsey.com
Tue Dec 22 03:11:25 PST 1992
-----BEGIN PGP SIGNED MESSAGE-----
My remailer does not support ARA's. This is because the requirement
that incoming messages be completely encrypted with its key (any
portion which is not encrypted in this way is dropped).
In any case, the current scheme for ARA's is insecure. This is
because people can send plaintext messages attached to the ARA.
This allows breaking anonymity by monitoring of the traffic from
all remailers and waiting until the message appears at one of
the outputs.
I will implement a more secure scheme. The ARA will include
encryption instructions for each remailer. Since each remailer
will be doing a transformation on the message, the attack above
will not be feasible.
- --
Miron Cuperman <miron at extropia.wimsey.com> | NeXTmail/mime ok
<miron at cs.sfu.ca> | Public key avail
AMIX: MCuperman |
cybercomputingimmortalcryptolaissezfaire |
-----BEGIN PGP SIGNATURE-----
Version: 2.1
iQCVAgUBKzb2O5NxvvA36ONDAQG/0QP9GVjH8zjBakbYChxCECGRPb02UJvPC9bj
1lS6GF4KTc5Z9yBejYMSLu5E7lVamgcQFuaBFrSusLyl1oXDcJtCUF4TjxgLCAOi
dXnkbu+k5oB9vLqlZK3nTSmxAuddjrOxbg/AS6M+aIY7rtwkyfnTgj+7pq4pYj6P
/nIpWAB9NHE=
=/i5k
-----END PGP SIGNATURE-----
More information about the cypherpunks-legacy
mailing list