Cryptography Reference
In-Depth Information
The approach defends against someone who has access to
the header which often gives the anonymous return address.
Now, this information can be encoded in the body. The plan is still
vulnerable because someone who knows the return address
my-alias@freds.remailer.com
mightbeabletocoerceFredintore-
vealing your name.
A different solution is to split up the return address into a secret.
When you opened an account at
freds.remailer.com
,youcould
give your return address as
R
1
.Thiswouldntbeaworkingreturn
address,itwouldjustbeonehalfofasecretthatwouldrevealyourre-
turn address. The other half,
R
2
, would be sent along to your friends
in the encrypted body of the letter. If they wanted to respond, they
would include
R
2
in the header of their return letter. Then,
freds-
.remailer.com
could combine
R
1
and
R
2
to reveal the true return
address.
The sender's half of the return address can arrive at the anony-
mous drop box at any time. The sender might have it waiting there
so the letter can be rerouted as soon as possible or the sender might
send it along three days later to recover the mail that happened to be
waiting there.
This split secret can be created in a number of different ways. The
simplest technique is to use the XOR addition described in Chapter 4.
This is fast to implement, and perfectly secure. The only practical
difficulty will be converting this into suitable ASCII text. email ad-
dresses are usually letters and some punctuation. Instead of creating
a full 8-bit mask to be XORed with the address, it is probably easier
to think of offsets in the list of characters. You could come up with
a list of the 60-something characters used in all email addresses and
call this string,
. Splitting an email address would consist of doing
the following steps on a character-by-character basis:
C
1. Choose a new character from
C
. Store this in
R
1
.Let
x
be its
position in
C
.
2. To encode a character from the email address, find the charac-
ter's position in
C
and move
x
characters down
x
.Ifyougetto
the end, start again.
3. Store this character in
R
2
.
The reverse process is easy to figure out. This will produce a
character-only split of the email address into two halves,
R
2
.
R
1
is deposited at an anonymous remailer and attached to some
pseudonym.
R
1
and
R
2
is sent to anyone whom you want to respond to you.
