(Fwd) Gov't run anon servers
jim bell
jimbell at pacifier.com
Mon Mar 4 16:33:57 PST 1996
At 10:52 AM 3/4/96 -0800, Hal wrote:
>However, if I were a computer-savvy law enforcement agent, and I wanted
>to track messages through one of my remailers, I would try a
>technological approach. I would first break the key for my remailer.
>That is trivial. The passphrase is in PLAINTEXT in the script file
>which runs the remailer!. It has to be. That is true of all automated
>remailers.
Maybe I just don't know much about automated remailers, but I don't
understand why you said that the passphrase "has to be" in plaintext in the
script file. I find this hard to believe. While I am far from an expert on
cryptographic matters, I would assume that any received attempt at a
password could be securely hashed (128 bits?) and compared with a pre-stored
hash value. If it's the same, it's assumed that the password was correct.
What's wrong with this?
More information about the cypherpunks-legacy
mailing list