Public Anonymity

Peter Fairbrother peter.fairbrother at ntlworld.com
Sat Oct 20 18:43:51 EDT 2001 

> Dave Bird wrote:
 
> In article <xdNOyqAHaa07EwTx at xemu.demon.co.uk>, Dave Bird
> <dave at xemu.demon.co.uk> writes
>> In article <3BD17837.5020603 at skygate.co.uk>, Pete Chown
>> <Pete.Chown at skygate.co.uk> writes
> 
> P.S. I don't know exactly how mixmaster works, but you could
> really mess up traffic analysis like this.  Remailer#1
> gets a digest with say KByte plaintext blocks from different
> messages encrypted to it.  It can unwrap this and rearrange blocks
> into each whole message.  It now has a message pool from
> packages various people sent it.  Most have onward destinations
> to other remailers, and it repeats the process of chopping up
> messages and sending them a digest of blocks.  This is a bit
> more than mixmaster currently does (I think), because many
> people don't start as mixmaster packages at the user.  In and
> out are always the weakest points, because then blocks will at
> least assemble into messages from the same sender or to the
> same recipient.  

It might help, but if there are laws requiring _all_ ISP's, remailers, and
mixmasters to reveal everything, which is where it seems we may be going,
then it will do no good. Only public anonymity systems will work here
(public refers to _all_ the workings of the communication system being
public, with the exception of your own internal processing of data. I assume
you trust yourself, and can secure your own computer/brain).

All non-public systems (most of the usual anonymity systems except stego)
rely on some function being _secretly_ done by a "trusted" third party,
perhaps with only one out out many possible TTP's actually being trustable.
This has in the past been a good assumption in many cases, but if worldwide
leglislation imposes mass disclosure requirements it may no longer be
tenable. Here public anonymity becomes important.



In a good public anonymity system it should be possible for Alice to send
Bob a message when all the other players are possible spies for (insert
here), and for it to be impossible for anyone, _including Bob_, to prove
Alice sent any messages at all. This is hard, it is much easier if Alice can
trust Bob, but it may be necessary to assume Bob is potentially an
enemy/traitor.

(challenge for any budding cryptologists, or even established ones -
describe a secure public anonymity system where Bob is not trusted. Case of
beer for any better solutions than mine, or a case for the best solution
anyway. I will post mine later, it's not that good, this is brainstorming
not STO.)

-- Peter Fairbrother

peter at m-o-o-t.org




---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list