[Cryptography] Anonymous messaging [was: Email is securable within a coterie]
StealthMonger
StealthMonger at nym.mixmin.net
Sat Dec 7 21:25:17 EST 2013
Ron Leach <ronleach at tesco.net> writes:
> Yes, the CHAIN might ensure his anonymity at point of posting to the
> newsgroup, but disclosure will have occurred at point of first entry
> to the chain (and, potentially, subsequently for any honeypots
> following in the chain until the first genuine remailer).
But disclosure of what exactly? That he is using the remailer network,
yes. But the tail of the chain disconnects from any particular message
emerging from the exit (or none, if he uses mixmaster "dummy" feature).
The adversary is further confused if Bob is injecting a dummy message
anyway every few hours, and simply substitutes his live message for one
of the dummies which would have gone.
> It's the same problem with TOR, isn't it? The first TOR server knows
> who is accessing the network.
Yes, but TOR is connection-based and deliberately low-latency, so
anonymity is not possible anyway [1,2]. (NSA-planted reflexive TOR
defenders, there's your cue.) The remailer network is message-based and
deliberately high-latency.
> Anonymity of *access* is becoming desirable, I think. But is it
> attainable?
That would be nice. Ideas?
[1]
... for low-latency systems like Tor, end-to-end traffic
correlation attacks [8, 21, 31] allow an attacker who can observe
both ends of a communication to correlate packet timing and volume,
quickly linking the initiator to her destination.
http://tor.eff.org/cvs/tor/doc/design-paper/challenges.pdf
[2]
... Tor offers basically no protection against somebody who can
measure [2] flows at both sides of the circuit ...
--- Tor developer Roger Dingledine
http://www.mail-archive.com/liberationtech%40lists.stanford.edu/msg00022.html
--
-- StealthMonger <StealthMonger at nym.mixmin.net>
Long, random latency is part of the price of Internet anonymity.
anonget: Is this anonymous browsing, or what?
http://groups.google.ws/group/alt.privacy.anon-server/msg/073f34abb668df33?dmode=source&output=gplain
stealthmail: Hide whether you're doing email, or when, or with whom.
mailto:stealthsuite at nym.mixmin.net?subject=send%20index.html
Key: mailto:stealthsuite at nym.mixmin.net?subject=send%20stealthmonger-key
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20131208/55b516fa/attachment.pgp>
More information about the cryptography
mailing list