Latency vs. Reordering (Was: Remailer ideas (Was: Re: Latency vs. Reordering))

Jim Dixon jdd at aiki.demon.co.uk
Sun Aug 7 04:40:08 PDT 1994


In message <199408070216.TAA09025 at jobe.shell.portal.com> Hal writes:
> This suggests, that IF YOU COULD TRUST IT, a single remailer would be just
> as good as a whole net.  Imagine that God offers to run a remailer.  It
> batches messages up and every few hours it shuffles all the outstanding
> messages and sends them out.  It seems to me that this remailer provides
> all the security that a whole network of remailers would.
> 
> If this idea seems valid, it suggests that the real worth of a network of
> remailers is to try to assure that there are at least some honest ones
> in your path.  It's not to add security in terms of message mixing; a
> single remailer seems to really provide all that you need.

Yes, in an ideal world.  Each additional remailer introduces another
chance of being compromised.

But in an ideal remailer network operated by real human beings, you cannot
trust the operator.  You would prefer that at least the points of entry
and exit from the network be different, because this decreases the
probability of the message being 'outed' by a very large factor.  If
you are seriously concerned about legal factors, you would prefer that
the remailer gateways be in different legal jurisdictions.

However, if you trust the operator and if this trust is guaranteed to be
continued forever, the ideal number of remailers is one.
--
Jim Dixon






More information about the cypherpunks-legacy mailing list