News: "U.S. May Help Chinese Evade Net Censorship"

Adam Shostack adam at homeport.org
Thu Aug 30 11:07:58 PDT 2001


On Thu, Aug 30, 2001 at 10:02:54AM -0700, Tim May wrote:
| Alas, the marketing of such "dissident-grade untraceability" is 
| difficult. Partly because anything that is dissident-grade is also 
| pedophile-grade, money launderer-grade, freedom fighter-grade, 
| terrorist-grade, etc.

I think a larger problem is that we don't know how to build it.  Once
we build it, we may be able to market it.  But when you look at
building something for dissidents, you realize that you have very high 
stealth requirements, since using such software is likely to subject
its users to rubber-hose, and harsher forms of attack.

Productizing stealth systems is hard; the adversaries can take them
apart and find discriminators.  Not productizing stealth systems is
risky; your custom systems are likely to be of different strengths,
and the weak ones will provide your adversaries with training on how
to attack the hard ones, as well as insight into how you're producing
them.  (See for example, Enigma, increasing rotors; One-time-pad,
Soviet typewriters; British bingo cages.)

Also worth reading is "Traffic Analysis Attacks and Trade-Offs in
Anonymity Providing Systems" by Back, Muller and Stiglic, at
http://crypto.cs.mcgill.ca/~stiglic/publications.html

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





More information about the cypherpunks-legacy mailing list