[Cryptography] 2008 revision of Bitcoin whitepaper

StealthMonger StealthMonger at nym.mixmin.net
Mon Jan 26 08:17:26 EST 2015


In an unsigned message it is written:

> On Jan 24, 2015, at 2:48 PM, StealthMonger <StealthMonger at nym.mixmin.net> wrote:
>> It's 183697 bytes and doesn't compress very much, so it won't fit in one
>> mixmaster mail message.  I'm an untraceable pseudonym.  How could I get
>> it to you without becoming traceable?  I have played file split games
>> for large files and could look up my notes on how to do that.  Are you
>> up for that?

> Why not Pastebin?

How could it be uploaded to Pastebin anonymously?  Posting to the web
cannot be done anonymously [1].

Several other writers have also suggested, on-list and off, various
schemes for uploading this file, including Tor, mega.co.nz, Pastebin,
and owncloud.rg.net.  They all have in common a low-latency connection
for the upload.  (PLEASE CORRECT!)  This posting is meant to reply to
all of these suggestions, to save time for all concerned.

Tor is not anonymous [2,3,4].  No low-latency, connection-based protocol
can be anonymous: On the assumption that a resourceful adversary such as
NSA collects IP packet addresses, times, and sizes from key points on
the Internet, end-point IP packet timing can be correlated to connect
source and destination, ruining anonymity.

The only way I know to stay anonymous is to use chains of anonymizing
remailers having deliberately long, random latency and traffic mixing.
With store-and-forward, the security is in the message, not the
connection.

The 183697 byte version of bitcoin.pdf received here 2008 November 8,
sha256 427c63b364c6db914cf23072a09ffd53ee078397b7c6ab2d604e12865a982faa
is now available by robot mail [5] (along with other files mentioned in
the index [6]).

A writer suggests using the Unix command split for this job.  mixmaster
also has its own split.  These have technical problems, so the robot
uses the rfc1521 Message/Partial subtype.  Expect about 30 mails, spread
over maybe a day.  Requests are served sequentially, so if there are
several, expect further delay.

Someone paraphrased my .sig:

> It seems that the price of privacy and anonymity is being unable to
> communicate...

...or at least there are obstacles.  Yep.  This writer "gets it".

> Discuss.

That would be good.  Is this the forum?

It seems that most people are so enamored with connection-based
communication that they lose sight of the anonymity penalty it imposes.

 -----

[1] except in those rare cases where the server accepts parameters in
the HTTP GET URL rather than a POST.  Then the GET can be done through a
chain of anonymizing remailers to a mail-to-web gateway.

[2]
   ... for low-latency systems like Tor, end-to-end traffic
   correlation attacks [8, 21, 31] allow an attacker who can observe
   both ends of a communication to correlate packet timing and volume,
   quickly linking the initiator to her destination.

http://tor.eff.org/cvs/tor/doc/design-paper/challenges.pdf

[3]
   ... Tor offers basically no protection against somebody who can
   measure [2] flows at both sides of the circuit ...
     --- Tor developer Roger Dingledine

http://www.mail-archive.com/liberationtech%40lists.stanford.edu/msg00022.html

[4] "Users Get Routed: Traffic Correlation on Tor by Realistic
    Adversaries", Aaron Johnson, Chris Wacek, Rob Jansen, Micah Sherr,
    Paul Syverson, 2013

   ABSTRACT ... Our results show that Tor users are far more susceptible
   to compromise than indicated by prior work. ...

http://www.ohmygodel.com/publications/usersrouted-ccs13.pdf

[5] mailto:stealthsuite[..]nym.mixmin.net?subject=send%20bitcoin.pdf

[6] mailto:stealthsuite[..]nym.mixmin.net?subject=send%20index.html


-- 


 -- StealthMonger
    Long, random latency is part of the price of Internet anonymity.


Key: mailto:stealthsuite[..]nym.mixmin.net?subject=send%20stealthmonger-key

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150126/04cb9d63/attachment.sig>


More information about the cryptography mailing list