JAP back doored
John Kelsey
kelsey.j at ix.netcom.com
Fri Aug 22 23:20:43 PDT 2003
At 05:54 AM 8/22/03 +0200, Thomas Shaddack wrote:
>On Thu, 21 Aug 2003, Vincent Penquerc'h wrote:
> > Still useful to protect against third party eavesdroppers, I guess.
>
>Could it be at least somehow useful as a part of some bigger scheme, a
>layer of a cake? Can a distributed multilayered proxy be built with some
>less-than-trusted components?
For this kind of system, I think it's really hard to get much security from
the people at the endpoints of the chain of anonymizers. Specifically, if
the attacker has control of both the entry and exit anonymizer, or if he
has control of, say, a target site and the entry anonymizer, he can pretty
reliably unmask the user's identity with just a few minutes of
browsing. Wei Dai discussed this idea several years ago, and I later
reinvented the same idea.
--John Kelsey, kelsey.j at ix.netcom.com
PGP: FA48 3237 9AD5 30AC EEDD BBC8 2A80 6948 4CAA F259
More information about the cypherpunks-legacy
mailing list