Improved remailer reordering
Eric Hughes
hughes at ah.com
Sun Aug 7 16:54:00 PDT 1994
Imagine a RemailerNet (v0.2) that maintained a fixed level of
traffic between gateways.
This is exactly what I was talking about when I posted earlier about
link encryptors, and effective collapse of nodes for traffic analysis
purposes. Traffic analysis of mixes and remailers assumes, as an
abstraction, that all the messages going into and coming out of a
particular node are visible. As soon as you remove this condition,
the analytical situation changes completely.
And it changes for the better, since the reduction in observed
information can only improve security. Message arrival and departure
times are not irrelevant, and their removal gives less useful
information. The desired net result is a single node for traffic
analysis purposes. But even for a single node, estimates of
reordering still need to be made.
The problem with implementation of link encryption is, like everything
else, cost. Link encryption off the Internet requires dedicated
lines. Link encryption on the Internet likely won't get you into
trouble now, but likely will be an issue as subsidies go away.
In general, the messages do not exist
as wholes along the lines connecting the gateways, so a discussion of
their reordering is a good way to waste time.
You still have to worry about reordering in the network as a whole.
The system you've described has reassembly done at the endpoints, who
might not be the final receiver. I pass over the flaw of lack of
message quantization in the final sending of reassembled messages.
We may assume for discussion that they're all the same length.
Now, you still need to calculate the likelihood that a particular
outgoing message is the same message as a particular incoming message.
These probabilities have to do with message reordering. You still
need to do the calculation.
Eric
More information about the cypherpunks-legacy
mailing list