Cryptography Reference
In-Depth Information
They must include
R
2
in their letter so the remailer can assemble the
return address for you.
An even more sophisticated approach can use the digital signa-
ture of the recipient. The initiator of the conversation could deposit
three things at the return remailer: the pseudonym, one half of the
return address,
R
1
,andthepublickeyofthepersonwhomightbere-
sponding. When that person responds, they must send
R
2
)
.This
is the other half of the secret encoded with the private key. The re-
mailer has the corresponding public key so it can recover
f
e
(
R
2
and
send the message on its way.
The systems can be made increasingly baroque. A remailer might
want to protect itself against people banging down its door asking
for the person who writes under a pseudonym. This can be ac-
complished by encrypting the remailer's files with the public keys
of the recipient. This is better explained by example. Imagine that
Bob wants to start up an anonymous communication channel with
Ray through
freds.remailer.com
. Normally,
freds.remailer.com
would store Bob's return address, call it
,andmatchitwithBob's
pseudonym,
maskT-AvEnGrr
. Naturally, someone could discover
B
B
by checking these files.
freds.remailer.com
can protect itself by creating a session key,
k
i
, and encrypting it with Ray's public key,
f
ray
(
k
i
)
.Thisvalueissent
along to Ray with the message. Then it uses
k
i
to encrypt
B
using
some algorithm like triple DES before discarding
k
i
.Now,onlyRay
holds the private key that can recover
k
i
and thus
B
.
freds.remail-
er.com
is off the hook. It couldn't reveal
even if it wanted to.
This solution, unfortunately, can only handle one particular on-
going communication. It would be possible to create different ses-
sion keys for each person to whom Bob sends mail. This increases
the possibility that
B
B
could be discovered by the remailer who keeps
acopyof
thenexttimethatmailfor
maskT-AvEnGrr
comes through
with a session key attached.
B
10.4 Anonymous Networks
Anonymous remailers move single packets. Some will fetch web-
pages anonymously. It should come as no surprise that ambitious
programmers extended these ideas to provide seamless tools for
routing all packets to the Internet. They have essentially created
TCP/IP proxies that encrypt all data leaving the computer and then
bounce it through a network of servers that eventually kick it out into
the Internet at large.
