Cryptography Reference
In-Depth Information
In and Out Tracking
The attacker watches as messages go in and
out of the remailer andmatches themup by either order or size.
The defense against this is to keep
n
messages in an internal
queue and dispense them in random order. The messages are
either kept all the same size or randomly padded at each itera-
tion.
Remailer Flooding
Imagine that one remailer receives a letter and
the attacker wants to know where it is going. The remailer
keeps
letters in its queue and dispenses them randomly. The
attacker can send
n
messages to the remailer just before the
message in question arrives. The attacker knows the destina-
tion of her own
n
messages, so she can pick out the one mes-
sage different from the flow. If the messages are sent out ran-
domly, then the attacker must send another
n
n
messages to en-
sure that subsequent messages won't confuse her.
One defense against this approach is remailer broadcasting.
Instead of sending each subsequent message to a particular
remailer using one-to-one mail delivery, the remailer would
broadcast it to a group of other remailers. Only one remailer
would have the right key to decrypt the next address. The oth-
ers would simply discard it.
Replay Attack
An attacker grabs a copy of the message as it goes
by. Then it resends it later. Eventually the letter will make its
way through the chain of remailers until it arrives at the same
destination as before. If the attacker keeps track of all of the
mail going to all of the destinations and replays the message
several times, then only one consistent recipient will emerge.
This is the destination.
The best solution is to require that eachmessage contain an in-
dividual ID number that is randomly generated by the sender.
The remailer stores this ID in a large file. If it encounters an-
other message with the same ID, then it discards the message.
The size of this ID should be large enough to ensure that two
IDs will almost certainly not match if they're chosen at random.
Forged Mail Attack
It is relatively easy to fake mail sent to an SMTP.
Someone could pretend to be you when they sent the anony-
mous message containing something illegal. If the police were
willing to pressure the remailer operator into revealing names,
then you could be fingered for something you didn't do.
The passwords used by many remailers are a good defense
against this problem. The anonymous remailer won't send
