WWW proxies?

Timothy C. May tcmay at got.net
Mon May 6 02:14:21 PDT 1996


At 6:37 PM 5/5/96, Mark M. wrote:

>The same is also true for cpunk and penet-style remailers that do not use
>encryption.  You always have to trust remailer operators regardless of whether
>encryption is used or not.  The situation will become much better when there
>is some way to chain proxies and encrypt to each individual proxy.  If the
>operator of a proxy is more trustworthy than the operators of any sites you
>visit using the proxy, then you have nothing to lose.

We haven't talked about traffic analysis of remailers and Web proxies much
lately, so it bears repeating that:

-- this is a little-studied subject

-- that nobody has done--to my knowledge--a fairly detailed study of the
traffic analysis that is possible

-- that a model is lacking (I don't mean we don't have some ideas of what's
important, but that we haven't filled in the details, figured out what
sorts of correlations an analyst can make by looking at packet sizes,
sending times, delivery times, etc.)

-- the real world situation with remailers is that message volume is
probably way too low for comfort (my presentation on remailers at the first
CP meeting outlined a need for about 10 mixes, each mixing at least 10
messages of the same size before remailing...and 20 mixes each mixing 30 or
more messages is much better...we are most likely far, far below this, for
nearly all remailed messages. Fortunately, most remailed messages are
either not critical or are being done for novelty, harassment, flaming,
etc.).

-- with Web proxies, the problem of traffic analysis (even with encryption,
which I am taking for granted) becomes astronomically larger...all those
commands sent to the site and stuff returned, and all in a "reasonable"
amount of time! (How many of us will use a Web proxy in our current mode if
we have to wait minutes to hours between actions? I'm not saying what the
response times will be, as this will depend on mixing ratios, desired
security, etc. But it is likely that "fast response" is counterproductive
to the avoiding of traffic analysis.)

(PipeNet-type schemes may help, depending on a bunch of details. So would
"local mixes in cabinets," meaning, Web anonymizers with high bandwidth
that do their mixing locally. They have to be "trusted," to some extent,
but would help a lot. There are some gotchas.)


-- I certainly believe the NSA has put at least an analyst or two on this
problem, and probably long ago put together some models.

We have a very long way to go before remailer networks are really up to snuff.


--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."










More information about the cypherpunks-legacy mailing list