Data Haven problems

Paul J. Ste. Marie pstemari at erinet.com
Mon Jan 9 19:30:14 PST 1995


At 07:25 PM 1/9/95, dfloyd at io.com wrote:
> ... Of course, the DH will be hidden by a good remailer (anon.penet.fi), but
>it is trivial to use traffic analysis to find where the DH lies.  Just
>monitor traffic from/to the remailer and do a series of store/retrieves.
>Then for confirmation, forge a mail from the dh site to the remailer with
>the password (obtained from sniffing) to yourself. ...

Hmm, hmm.  Using c'punk remailers with encrypted send blocks fixes one 
problem, especially if the c'punk mailers do some sort of file splitting and 
reassembly along the lines of what happens to IP packets that are too large 
for a given link.  What would also help would be a mechanism for randomly 
varying the encrypted send-to block.  The password replay attacks can be 
fixed by encrypting the transmitted password along with a timestamp/sequence 
number.

One problem that remains would be a trail left by the increased traffic 
to/from a DH vs a normal user.  That could only be fixed by a multitude of 
DH sites.

    --Paul J. Ste. Marie
      pstemari at well.sf.ca.us, pstemari at erinet.com
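
The replay fix suggested in the message above, as an added example that is not part of the original post. It binds each request to a timestamp and a sequence number, but swaps the encryption the message proposes for an HMAC keyed with the password (so the password itself never crosses the wire), because Python's standard library has no cipher. The field names, the 300-second window and all sample values are assumptions constructed for illustration.

```python
import hashlib
import hmac

MAX_SKEW = 300  # seconds a request stays acceptable (assumed window)


def make_request(password: bytes, command: str, seq: int, now: int) -> dict:
    """Client side: authenticate the command together with its freshness fields."""
    msg = f"{now}|{seq}|{command}".encode()
    tag = hmac.new(password, msg, hashlib.sha256).hexdigest()
    return {"ts": now, "seq": seq, "cmd": command, "tag": tag}


class Verifier:
    """Server side: rejects altered, stale and replayed requests."""

    def __init__(self, password: bytes):
        self.password = password
        self.last_seq = -1  # highest sequence number accepted so far

    def check(self, req: dict, now: int) -> str:
        # Verify the tag first, so no unauthenticated field is trusted.
        msg = f"{req['ts']}|{req['seq']}|{req['cmd']}".encode()
        expected = hmac.new(self.password, msg, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, req["tag"]):
            return "bad-tag"
        if abs(now - req["ts"]) > MAX_SKEW:
            return "stale"
        if req["seq"] <= self.last_seq:
            return "replay"
        self.last_seq = req["seq"]
        return "ok"


def demo() -> list:
    """Constructed scenario: one genuine request, then copies of captured traffic."""
    pw = b"constructed-password"  # sample secret, constructed
    t0 = 789_708_614              # sample timestamp, constructed
    server = Verifier(pw)
    req = make_request(pw, "retrieve file42", seq=1, now=t0)
    altered = dict(req, cmd="store file99")  # captured copy, command changed
    late = make_request(pw, "retrieve file42", seq=2, now=t0)
    return [
        server.check(req, t0 + 2),       # genuine request
        server.check(req, t0 + 10),      # same bytes resent inside the window
        server.check(altered, t0 + 10),  # tag no longer matches the fields
        server.check(late, t0 + 3600),   # fresh sequence number, old timestamp
    ]


if __name__ == "__main__":
    print(demo())
```

The sequence number is what stops a resend inside the time window; the timestamp bounds how long the server must remember sequence state.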






