[liberationtech] Jacob Appelbaum's Ultrasurf Report

[Michael Rogers]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 26/04/12 06:44, Jacob Appelbaum wrote:
> Practically, I also think that mixmaster is an example of "great on
> paper" and soon we'll see how it works out in the real world. Now
> that the FBI is taking nodes left (in New York last week) and right
> (in Austria this week) - we'll note that some of these anonymity
> properties are coming up for a serious test. For example, if you
> don't compose Tor and Mixmaster together, what happens when you're
> the only person to ever connect to Mixmaster? I think the answer is
> that you're a suspect, cryptographic evidence be damned.

While your point about the importance of non-cryptographic evidence is
well taken, the FBI's behaviour in this case is consistent with an
investigation looking for cryptographic evidence.

Mixmaster doesn't provide forward secrecy - if you've recorded the
messages entering and leaving a remailer (which seems plausible for
the FBI, especially during the investigation of a long series of bomb
threats), you can seize the remailer and use its private key to match
incoming and outgoing messages. If the message you're interested in
came from another remailer, seize it and repeat. If not, you've found
the sender.

This attack against Mixmaster has been known about for ten years. If
nothing else, I hope this case revives interest in Mixminion...

Cheers,
Michael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJPmYTvAAoJEBEET9GfxSfM9akH/0hK+YL20YcLAh3gNRFwliv4
Kuz6kHRzZML4G8lqzjObE/sbEPzEgwZFcgDIi33uflkd5Gzhd2JHyV41BsgRqynC
gFKUgUT52Fw4TFKdJvU5S+ww2BT7ejsveG6XKabzJpaHnVG+vj94YhMNED+CjPRt
5fKgkQfAge/NQ9UF0mkigawGGgXTNylcddBN3DJSJ/oWCXOuzMTjZpVMmeKCt/R6
zOGY8uLfaA1VV6YWkMf81suNdPy/ll3nPWF/ipLtGIqDpfefOzGPjbXXsUpW76AD
panCl+sMIT0wbbsPwhf//2KEwkRae0h7dIiwYD4kMhIQaH5oKbj3X2VuJBghbt8=
=OQTa
-----END PGP SIGNATURE-----