Sunday, July 7, 2013

Secret envelopes and distributed message transmission

(Note--I've edited this after thinking about the technical issues a bit)

When a message moves across a communication network, normally it has an "envelope" containing address information and metadata about the message necessary for its delivery.  For a letter that is physically mailed, the envelope is the physical envelope.  For a TCP/IP packet, the envelope is a packet header.  For email, it is the SMTP header...you get the picture.

Even if the contents of the envelope are secret, a great deal of information can be gathered from analysis of the envelopes themselves, which are generally unencrypted so the message can be transmitted efficiently.  But what if you wanted to keep the envelope secret, too?

It seems to me there are a small number of key ingredients to any system that could transmit messages and keep the recipient secret:

1.  The "address" must be something that only the recipient would recognize.  One approach would be for the recipient to provide a public key, and for the address to consist of a block of mostly random data with some unique property, encrypted using the public key.  For example, the block of data could be 256 bytes long, and consist of the byte values 0x00 - 0xFF in a random order.

2.  Messages must be distributed broadly, and should pass through many hands.
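The two ingredients above can be sketched as follows. This is an added example, not code from the original post: it assumes unpadded textbook RSA as the public-key scheme (the post does not name one), and all function names are hypothetical. Every node trial-decrypts every address and keeps a message only if the result is a permutation of 0x00 - 0xFF.

```python
# Added illustration, not the post's code. Textbook RSA stands in (assumption)
# for "the recipient's public key"; a deployment would use a vetted library.
import secrets

E, BLOCK = 65537, 256   # public exponent; address length from the post
SMALL = [p for p in range(3, 2000, 2) if all(p % q for q in range(3, p, 2))]

def is_probable_prime(n, rounds=20):
    """Miller-Rabin for large odd n, after trial division by small primes."""
    if any(n % p == 0 for p in SMALL):
        return False
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False   # never reached n - 1: composite
    return True

def keygen(bits=1032):
    """Return (n, d). Two 1032-bit primes give n > 2**2048, so a block fits."""
    primes = []
    while len(primes) < 2:
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if c % E != 1 and is_probable_prime(c):
            primes.append(c)
    p, q = primes
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def make_address(n):
    """Sender: shuffle the bytes 0x00-0xFF and encrypt them to the recipient."""
    block = list(range(BLOCK))
    secrets.SystemRandom().shuffle(block)
    return pow(int.from_bytes(bytes(block), "big"), E, n)

def is_mine(address, n, d):
    """Recipient: trial-decrypt, then test for the permutation property."""
    m = pow(address, d, n)
    return m >> (8 * BLOCK) == 0 and len(set(m.to_bytes(BLOCK, "big"))) == BLOCK

def scan(broadcast, n, d):
    """Every node sees every message; keep only the bodies addressed to us."""
    return [body for address, body in broadcast if is_mine(address, n, d)]
```

Calling `scan` with a list of `(address, body)` pairs returns only the bodies whose address decrypts to a permutation under that key. An address made for another key decrypts to what is effectively random data, and 256 random bytes are all distinct with probability 256!/256^256, roughly 10^-110.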

The upshot is that you exchange efficiency in transmission for anonymity.  I wonder if there is an equation that would say how inefficient the transmission system needs to be in order to guarantee a certain amount of anonymity.
