Cryptography Reference
In-Depth Information
through five remailers, for instance, then the others are filled with
random noise. Each entry in the table contains a bit that identifies it
as a “final” hop. If that bit is set, then the key is used to decrypt the
main block.
The main block of each message is also kept the same size. If a
current message is too short, then padding is added until it is 20k
long. If it is too long, then it is broken into 20k blocks. This size
is flexible, but it should be set to a constant for all messages. This
prevents anyone from identifying the messages from their size or the
change of size.
Mixmaster software andmuchmore information can currently be
found at
obscura.com
.
10.3.1 Other Remailer Packages
One of the nicest, feature-rich programs for UNIX-basedmachines is
Mailcrypt, written in emacs-lisp for use with the popular GNU Emacs
program distributed by the GNU project. The software, created by
Patrick LoPresti, will handle all of the basic encryption jobs for mail
including encrypting outgoing mail, decrypting incoming mail, and
evaluating signatures. The software interacts with the major UNIX
mail reading programs like MH-E, VM, and Rmail.
The software also includes a good implementation that will cre-
ate chains of remailers. When you choose this option, it will auto-
matically create a nested packet of encrypted envelopes that will be
understood by the remailers on the list maintained by Raph Levien.
You can create lists of possible remailer chains for future use.
These can either be hard coded lists or they can be flexible. You can
specify, for instance, that Mailcrypt should choose a different ran-
dom ordering of four remailers everytime it sends something along
the chain. You could also request that Mailcrypt use the four most
reliable remailers according to the list maintained by Raph Levien.
This gives you plenty of flexibility in guiding the information. To get
Mailcrypt, go to
http://cag-www.lcs.mit.edu/mailcrypt/
.
Mailcrypt also makes it easy to use pseudonyms very easily. You
can create a PGP key pair for a secret identity and then publicize it.
Then if you want to assume a name like Silence Dogood, you could
send off your messages through a chain of remailers. The final read-
ers would be able to verify that the message came from the one and
only original Silence Dogood because they would be able to retrieve
the right public key and check the signature. Some people might try
and imitate him or her, but they would not own the corresponding
secret key so they couldn't issue anything under this pseudonym.
