"Swiss bank in a box"

Tim May tcmay at got.net
Sat Dec 22 13:12:02 PST 2001


On Saturday, December 22, 2001, at 11:29 AM, Adam Shostack wrote:

> On Fri, Dec 21, 2001 at 01:21:27PM -0800, Len Sassaman wrote:
> |
> | In conclusion, I leave you with a question: if remailer users are 
> reduced
> | to a small number of high-paying remailer customers for whom 
> anonymity is
> | not a game, but a matter of life or death, could a mix-net be made to
> | provide any sufficient degree of security? "No" is the easy answer. 
> Say
> | yes, and prove it.
>
> No.  If your anonymity set is small, then using the system calls
> attention to you, and your adversary can simply attack all the users
> with physical layer attacks (bugged keyboards, video cameras in
> ceilings, tempest, etc.).  Further, if the user set is small you're
> probably more concerned with unobservability than with unlinkability
> or untracability.


Likewise, if only a small number of people are using Swiss banks, or Yap 
stone wheels, or nearly any other particular financial instrument then 
the anonymity set is too small. It's not too hard to know who is 
spending that Yap stone wheel.

I say "nearly" because gold, say, has some nice physical properties 
which things like currency notes, bank accounts, diamonds, etc. don't 
have: gold can be melted and all traces of origin lost, save for some 
expensive tinkering with isotopic ratios, maybe. Note that I am not 
advocating gold, and especially not E-Gold, just noting facts.)

A lot of the complaints we see about cryptographic implementations of 
things are also echoed in the real world. It's unreasonable to expect 
crypto to solve all problems. To emphasize this point: When we hear 
about limitations on the privacy of remailers or digital cash 
implementations, we should think about comparable situations with 
ordinary mail, ordinary currency, etc. A  lot of systems seemingly fail! 
The fact that we continue to use them, because they are embedded in a 
larger system (of reputations, ontological speed bumps, etc.) tells us 
that crypto is only a part of the overall picture. Too many crypto folks 
find flaws and declare the whole approach dead.

On Len's earlier point, DC Nets are the answer. The 1992 design for 
"envelopes within envelopes remailers" is just the 1981 Chaumian 
untraceable e-mail. He knew even then that it was subject to the types 
of attacks described above. Hence the DC Net. A huge amount of stuff is 
available on DC Nets, on the Web, in the CP archives, in the literature 
(Crypto and Eurocrypt Proceedings, esp. by Chaum, Pfitzmann, etc.).

Even with DC Nets, the concern is immediately one of "collusion sets" 
(or "compromised sets," if the FBI/FinCEN/NSA have instrumented nodes).

By the way, the attack that Adam describes, of the attacker placing 
video cameras and monitoring devices, is not inexpensive. For example, I 
doubt that Swiss banks in Geneva and Zurich have been compromised in 
this way...though I expect that wire transfers into and out of such 
banks are observed and recorded.

(One of the early remailers was located in a vault formerly used for an 
accelerator near Amsterdam. Pretty hard for FinCEN or NSA to get cameras 
in there. Ditto for some of the vaults in the U.K. being used for colo. 
Ditto for HavenCo (though I am not necessarily endorsing the use of 
platforms in the North Sea),)

I think the continued existence of private banking systems for high net 
worth individuals shows that even relatively small sets of interacting 
parties can achieve privacy. This may not be doable with remailers which 
are operated by, for example, 22-year-old grad students who have spent a 
couple of hours setting up a remailer on their 600 MHz Celeron box, or 
even by computer professionals like Len willing to spend more time and 
effort, but it looks doable.

Paid remailers are just as necessary for the longterm health of the 
remailer business as paid banks were and are for the banking business. 
"Swiss bank in a box" may look like a neat little bit of code to play 
with in the latest Debian code release, but it ain't really a Swiss bank.

And folks saying Swiss banks can't provide privacy because "Swiss bank 
in a box" doesn't really work very well....


--Tim May
"Stupidity is not a sin, the victim can't help being stupid.  But 
stupidity is the only universal crime;  the sentence is death, there is 
no appeal, and execution is carried out automatically and without pity." 
--Robert A. Heinlein





More information about the cypherpunks-legacy mailing list