Pseudonymous remailer

Last updated

A pseudonymous remailer or nym server, as opposed to an anonymous remailer, is an Internet software program designed to allow people to write pseudonymous messages on Usenet newsgroups and send pseudonymous email. Unlike purely anonymous remailers, it assigns its users a user name, and it keeps a database of instructions on how to return messages to the real user. These instructions usually involve the anonymous remailer network itself, thus protecting the true identity of the user.

Contents

Primordial pseudonymous remailers once recorded enough information to trace the identity of the real user, making it possible for someone to obtain the identity of the real user through legal or illegal means. This form of pseudonymous remailer is no longer common.

David Chaum wrote an article in 1981 that described many of the features present in modern pseudonymous remailers. [1]

The Penet remailer, which lasted from 1993 to 1996, was a popular pseudonymous remailer.

Contemporary nym servers

A nym server (short for "pseudonym server") is a server that provides an untraceable e-mail address, such that neither the nym server operator nor the operators of the remailers involved can discover which nym corresponds to which real identity.

To set up a nym, one creates a PGP keypair and submits it to the nym server, along with instructions (called a reply block) to anonymous remailers (such as Cypherpunk or Mixmaster) on how to send a message to one's real address. The nym server returns a confirmation through this reply block. One then sends a message to the address in the confirmation.

To send a message through the nym server so that the From address is the nym, one adds a few headers,[ clarification needed ] signs the message with one's nym key, encrypts it with the nym server key, and sends the message to the nym server, optionally routing it through some anonymous remailers. When the nym server receives the message it decrypts it and sends it on to the intended recipient, with the From address indicating one's nym.

When the nym server gets a message addressed to the nym, it appends it to the nym's reply block and sends it to the first remailer in the chain, which sends it to the next and so on until it reaches your real address. It is considered good practice to include instructions to encrypt it on the way, so that someone (or some organization) doing in/out traffic analysis on the nym server cannot easily match the message received by you to the one sent by the nym server.

Existing "multi-use reply block" nym servers were shown to be susceptible to passive traffic analysis with one month's worth of incoming spam (based on 2005 figures) in a paper by Bram Cohen, Len Sassaman, and Nick Mathewson. [2]

See also

Related Research Articles

A cypherpunk is any individual advocating widespread use of strong cryptography and privacy-enhancing technologies as a route to social and political change. Originally communicating through the Cypherpunks electronic mailing list, informal groups aimed to achieve privacy and security through proactive use of cryptography. Cypherpunks have been engaged in an active movement since at least the late 1980s.

Mixmaster is a Type II anonymous remailer which sends messages in fixed-size packets and reorders them, preventing anyone watching the messages go in and out of remailers from tracing them. It is an implementation of a Chaumian Mix network.

An anonymous remailer is a server that receives messages with embedded instructions on where to send them next, and that forwards them without revealing where they originally came from. There are cypherpunk anonymous remailers, mixmaster anonymous remailers, and nym servers, among others, which differ in how they work, in the policies they adopt, and in the type of attack on the anonymity of e-mail they can resist. Remailing as discussed in this article applies to e-mails intended for particular recipients, not the general public. Anonymity in the latter case is more easily addressed by using any of several methods of anonymous publication.

A cypherpunk anonymous remailer also known as a Type I remailer is a type of anonymous remailer that receives messages encrypted with PGP or GPG, follows predetermined instructions, strips any identifying information, then forwards these messages to the desired recipient.

The Penet remailer was a pseudonymous remailer operated by Johan "Julf" Helsingius of Finland from 1993 to 1996. Its initial creation stemmed from an argument in a Finnish newsgroup over whether people should be required to tie their real name to their online communications. Julf believed that people should not—indeed, could not—be required to do so. In his own words:

<span class="mw-page-title-main">Len Sassaman</span> American technologist and cryptographer (1980–2011)

Leonard Harris Sassaman was an American technologist, information privacy advocate, and the maintainer of the Mixmaster anonymous remailer code and operator of the randseed remailer. Much of his career gravitated towards cryptography and protocol development.

<span class="mw-page-title-main">David Chaum</span> American computer scientist and cryptographer

David Lee Chaum is an American computer scientist, cryptographer, and inventor. He is known as a pioneer in cryptography and privacy-preserving technologies, and widely recognized as the inventor of digital cash. His 1982 dissertation "Computer Systems Established, Maintained, and Trusted by Mutually Suspicious Groups" is the first known proposal for a blockchain protocol. Complete with the code to implement the protocol, Chaum's dissertation proposed all but one element of the blockchain later detailed in the Bitcoin whitepaper. He has been referred to as "the father of online anonymity", and "the godfather of cryptocurrency".

<span class="mw-page-title-main">Onion routing</span> Technique for anonymous communication over a computer network

Onion routing is a technique for anonymous communication over a computer network. In an onion network, messages are encapsulated in layers of encryption, analogous to the layers of an onion. The encrypted data is transmitted through a series of network nodes called "onion routers," each of which "peels" away a single layer, revealing the data's next destination. When the final layer is decrypted, the message arrives at its destination. The sender remains anonymous because each intermediary knows only the location of the immediately preceding and following nodes. While onion routing provides a high level of security and anonymity, there are methods to break the anonymity of this technique, such as timing analysis.

An anonymous P2P communication system is a peer-to-peer distributed application in which the nodes, which are used to share resources, or participants are anonymous or pseudonymous. Anonymity of participants is usually achieved by special routing overlay networks that hide the physical location of each node from other participants.

The Invisible Internet Project (I2P) is an anonymous network layer that allows for censorship-resistant, peer-to-peer communication. Anonymous connections are achieved by encrypting the user's traffic, and sending it through a volunteer-run network of roughly 55,000 computers distributed around the world. Given the high number of possible paths the traffic can transit, a third party watching a full connection is unlikely. The software that implements this layer is called an "I2P router", and a computer running I2P is called an "I2P node". I2P is free and open sourced, and is published under multiple licenses.

<span class="mw-page-title-main">.fi</span> Internet country code top-level domain for Finland

.fi is the Internet country code top-level domain (ccTLD) for Finland. It is operated by TRAFICOM, the Finnish Transport and Communications Agency.

Johan "Julf" Helsingius, born in 1961 in Helsinki, Finland, started and ran the Anon.penet.fi internet remailer.

<span class="mw-page-title-main">Mixminion</span>

Mixminion is the standard implementation of the Type III anonymous remailer protocol. Mixminion can send and receive anonymous e-mail.

In anonymity networks, it is important to be able to measure quantitatively the guarantee that is given to the system. The degree of anonymity is a device that was proposed at the 2002 Privacy Enhancing Technology (PET) conference. Two papers put forth the idea of using entropy as the basis for formally measuring anonymity: "Towards an Information Theoretic Metric for Anonymity", and "Towards Measuring Anonymity". The ideas presented are very similar with minor differences in the final definition of .

<span class="mw-page-title-main">Mix network</span> Routing protocol

Mix networks are routing protocols that create hard-to-trace communications by using a chain of proxy servers known as mixes which take in messages from multiple senders, shuffle them, and send them back out in random order to the next destination. This breaks the link between the source of the request and the destination, making it harder for eavesdroppers to trace end-to-end communications. Furthermore, mixes only know the node that it immediately received the message from, and the immediate destination to send the shuffled messages to, making the network resistant to malicious mix nodes.

Garlic routing is a variant of onion routing that encrypts multiple messages together to make it more difficult for attackers to perform traffic analysis and to increase the speed of data transfer.

An anonymizer or an anonymous proxy is a tool that attempts to make activity on the Internet untraceable. It is a proxy server computer that acts as an intermediary and privacy shield between a client computer and the rest of the Internet. It accesses the Internet on the user's behalf, protecting personal information of the user by hiding the client computer's identifying information. Anonymous proxy is the opposite of transparent proxy, which sends user information in the connection request header.

The Winston Smith Project is an informational and operational project for the defence of human rights on the Internet and in the digital era. The project was started in 1999 as an anonymous association and it is characterised by the absence of a physical reference identity.

<span class="mw-page-title-main">Hal Finney (computer scientist)</span> Cryptograph and cypherpunk

Harold Thomas Finney II was an American software developer. In his early career, he was credited as lead developer on several console games. Finney later worked for PGP Corporation. He also was an early bitcoin contributor and received the first bitcoin transaction from bitcoin's creator Satoshi Nakamoto.

Invisible mail, also referred to as iMail, i-mail or Bote mail, is a method of exchanging digital messages from an author to one or more recipients in a secure and untraceable way. It is an open protocol and its java implementation (I2P-Bote) is free and open-source software, licensed under the GPLv3.

References

  1. Chaum, David (February 1981). "Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms" (PDF). Communications of the ACM. 24 (2): 84–90. doi:10.1145/358549.358563. S2CID   30340230.
  2. See The Pynchon Gate: A Secure Method of Pseudonymous Mail Retrieval Len Sassaman and Bram Cohen and Nick Mathewson (November 2005). Sabrina De Capitani di Vimercati and Roger Dingledine (ed.). "The Pynchon Gate: A Secure Method of Pseudonymous Mail Retrieval" (PDF). Proceedings of the Workshop on Privacy in the Electronic Society (WPES 2005). ACM Press. doi:10.1145/1102199.1102201. S2CID   356770 . Retrieved June 6, 2008.

Further reading

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.