Digital Postage (fwd)

Anonymous anon at anon.efga.org
Sun Sep 28 18:15:48 PDT 1997



-----BEGIN PGP SIGNED MESSAGE-----

Jim Choate wrote:
>> No, there is only one system which provides anonymity.  It's called ecash.
>> The other systems do not have the features we want.
>
>Yes, but it does not have a clear market advantage. In fact the
>anonymity issue may actualy work against it.

We are not talking about an abstract "what will the market do" issue
here.  We are talking about how to get a working payment system up for
remailers which gets us great service and provides privacy and
security.

The rest of the world may or may not catch on to ecash, but if it's
going to start, it will start with a small group.  I think it should
be this one.

>> There is a commonly held belief that one form of payment or another
>> must dominate.
>
>I can assure you that any business will not use multiple protocols
>unless their interface is the same for all of them. There simply
>isn't enough business to have very many systems.

Businesses use multiple forms of payment all the time, even in the
United States where multiple currency use is legally discouraged.
When I go to a restaurant I can pay in cash or use a variety of credit
cards.  And credit cards cost the establishment a substantial amount
of money and headache, too.

>> >Also there is the issue of security in regards to maintaning
>> >anonymity when there is such a small pool of parties to use. Doesn't
>> >take a genius to figure out where to hang out and watch the action.
>> 
>> Do you mean watch the bank and see who is using e-cash?  That might
>> tell you who is using remailers, but not much else.
>
>But who is using the remailers is the point in traffic analysis if I'm
>not mistaken. Not very anonymous if they know who you are.

I hope we are all assuming that The Enemy knows who is using
remailers, at least at the moment.  There's no hiding those telltale
PGP messages sent to a certain short list of suspected remailer
addresses.  Some day we will have good steganography and it won't be
possible to tell who is using a remailer, but this is not the best
problem to solve right now.

> >How? There is certainly no clear mechanism in place. Does the
> >customer contact each remailer operator prior to sending the traffic,
> >thus opening up N opportunities for anonymity cracking.
>
>> Can do!  Remailer operators can easily advertise what they sell and
>> how much it costs without compromising the customer the same way
>> they advertise their remailer and its features now.
>
>Can do what? Anonymity cracking or create a payment system that
>allows for the intermediate parties to be paid but doesn't
>over-burden the user? The point is not to have the poor end user have
>to create a half- dozen payment arrangements to get chaining. It
>becomes a real hassle to do at that point.

No it doesn't.  Watch carefully:

$remailer{'cyber'} = '<alias at alias.cyberpass.net> alpha pgp';
$remailer{"mix"} = "<mixmaster at remail.obscura.com> cpunk mix pgp hash latent cut ek ksub reord ?";
$remailer{"replay"} = "<remailer at replay.com> cpunk mix pgp hash latent cut post ek";
$remailer{"jam"} = "<remailer at cypherpunks.ca> cpunk mix pgp hash middle latent cut ek money25cents";
$remailer{"winsock"} = "<winsock at rigel.cyberpass.net> cpunk pgp pgponly hash cut ksub reord ?";
$remailer{'nym'} = '<config at nym.alias.net> newnym pgp';
$remailer{"squirrel"} = "<mix at squirrel.owl.de> cpunk mix pgp pgponly hash latent cut ek";
$remailer{'weasel'} = '<config at weasel.owl.de> newnym pgp';
$remailer{"reno"} = "<middleman at cyberpass.net> cpunk mix pgp hash middle latent cut ek reord ?";
$remailer{"cracker"} = "<remailer at anon.efga.org> cpunk mix remix pgp hash ksub esub latent cut ek money25cents reord post";
$remailer{'redneck'} = '<config at anon.efga.org> newnym pgp';
$remailer{"bureau42"} = "<remailer at bureau42.ml.org> cpunk mix pgp ksub hash latent cut ek";
$remailer{"neva"} = "<remailer at neva.org> cpunk pgp pgponly hash cut ksub ?";
$remailer{"lcs"} = "<mix at anon.lcs.mit.edu> mix money25cents";
$remailer{"medusa"} = "<medusa at weasel.owl.de> money25cents mix middle"
$remailer{"McCain"} = "<mccain at notatla.demon.co.uk> mix middle";
$remailer{"valdeez"} = "<valdeez at juno.com> cpunk pgp pgponly hash ek";
$remailer{"arrid"} = "<arrid at juno.com> cpunk pgp pgponly money25cents hash ek";
$remailer{"hera"} = "<goddesshera at juno.com> cpunk pgp pgponly hash ek";
$remailer{"htuttle"} = "<h_tuttle at rigel.cyberpass.net> cpunk pgp hash latent cut post ek";

See if you can figure out which remailers accept money and how much
they accept.  Now, in figuring that out, did you do anything that
would reveal your identity?  Do you think a simple program could
handle the task?

Also, the remailer can still offer free operation, but it can give
nonpaying customers lower priority, delaying their messages by a few
hours, for example.  This means remailers still have a low barrier to
entry, but people can also pay a little money to get excellent
service.

>We're talking about the people that drive the one block to the store
>to get more beer...

You might be.  I'm interested in smart people who want to protect
their privacy.

>> I recommend that people start pricing at a quarter per message per hop
>> because it is easier to move prices down than to move them up.
>
>This is the silliest thing I think I have heard so far in this
>discussion....
>...And my experience is that prices move up and people expect them to.

Mind your manners.

Then look around.  For the last few hundred years just about
everything has been dropping in price.  And, in the computer and
information industry in particular, prices drop like crazy all the
time for decades, even when you adjust for inflation.  Buy memory
recently?

>A quarter a message per hop is about 2,000+ times too expensive to
>make anonymous remailers work.

If you want to run a remailer and charge a fraction of a cent for each
message, or for an account, or whatever, please be my guest.

>The key to anonyous remailers is not the cost per message but rather
>the amount of traffic to be carried.  Anonymous remailers are beasts
>of mass markets measured in millions of recipients.

That is obviously untrue.  Remailers are used by a small highly
specialized market of perhaps a few hundred people.  Some day, if we
do good work, there will be millions of users.

Can you think of any mass market which started out as a mass market?
I can't think of a single one.  But, there are lots of mass markets
that started out with a small group of people paying fairly high
prices.  As time went by, the prices dropped, more people came in, and
eventually a mass market developed.

>But the system to post charges BETWEEN remailers must be pretty
>consistent to be acceptable.

Untrue.  You just have to know what each remailer charges.  That's
about as hard as knowing what services it offers or that it exists.

>That is the key and it has NOT been discussed too any great
>degree. That inter-remailer traffic must be anonymous also or else
>traffic analysis can back-track.

I may be misreading this, but you do realize ecash is anonymous,
right?  Nobody can tell who sent the money, just who received it.

Perhaps you are arguing that The Enemy would notice that you withdrew
a bunch of coins and then make a guess that all those remailers making
deposits three minutes later are depositing your coins?  That is
easily solved by generating the ASCII ecash certificates once a week
or so and then pasting them into your messages when you send them.

>It seems to me that the remailers need some sort of anonymous payment
>server that is put in place for some other reason, that way they
>don't have to deal with the justification issue.

What justification issue?  Ecash is available right now.  You don't
have to justify it to anybody, just use it.

Hopefully, once the cypherpunks start using it regularly, it will
begin to catch on with people peripheral to the group, and then with
everyone.

>> >The problem I see is one of scale. The infrastructure for handling
>> >physical mail is very 'bulky' and requires a lot infrastructure.
>> 
>> >Email on the other hands effectively rides on the back of an existing
>> >Internet infrastructure for nearly free.
>> 
>> You are confusing one cost of doing business with the price the market
>> will bear.
>
>How?

You seem to think that because the cost of transporting mail is
inexpensive, the price for protecting somebody's identity can't be
high.

>What I am saying is that physical mail and the system developed for
>dealing with it went hand-in-hand. The design and advancement of the
>Internet technology is not driven by email or it's technology. That
>perhaps because of this difference perhaps we need to look at models
>other than the postage one. It in fact may be coloring our perception
>and a look at alternative models might help.

The only models that have been proposed so far require a lot of work
and evangelism.  Ecash doesn't require much work, and it will be
easier to evangelize.

Monty Cantsin
Editor in Chief
Smile Magazine
http://www.neoism.org/squares/smile_index.html
http://www.neoism.org/squares/cantsin_10.html

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBNC7PVpaWtjSmRH/5AQEt0wf8COJyUDKDbQCGVlbwKY5DuYaCdmAMQ6X2
7XmsVMzFdhMG0PifCslh5WhXyvFemLU93GSFvXBo/XS3WnzWei503prLWuz7VvEm
nDPxTCxcGUYDDejlJbDm7aKtGkFaEnGa8kAExLTDGu/bXcHVetPO2dnSF6civHKe
YT5uL7D6c2a+6eJqAmw79s6ClB0WEDG0rByKzO9Jd58SjSGcYmWAnb+SSJsNTgB3
jUgAC6SAJVWvRoKilH+71hEYV+199K0SLiqhmdUmzEntNktTJa6jZEjyfDi2TSJP
M6V62Wjb3Y8W3RauUfHvGRRvYsyniG6dct36fQgq9Bdl0GF8VmdYyg==
=r8Kc
-----END PGP SIGNATURE-----










More information about the cypherpunks-legacy mailing list