Improvement of remailer security

Lance Cottrell lcottrell at
Thu Mar 10 23:46:55 PST 1994

>Even the current pgp encryption scheme offered by some remailers
>doesn't help much, once the incoming and outgoing messages are known:
>just take the outgoing message from the remailer, encrypt it with the
>remailer's public key, compare this to the incoming messages and you
>know who sent this message (repeat if a chain of remailers was used).

This is incorrect. The message is not encrypted with the public key. It is
encrypted with an IDEA key which is encrypted with the remailers public
key. Since the remailer does not forward that key (obviously), this attack
is not possible.

Lance Cottrell  who does not speak for CASS/UCSD
loki at
PGP 2.3 key available by finger or server.

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."

More information about the cypherpunks-legacy mailing list