On Sat, 4 Mar 2000, dmolnar wrote:
> On Sat, 4 Mar 2000, Jim Choate wrote:
>
> > Anonymous mailer operaters can most definitely be considered to be 'doing
> > anything' if it is found they're in the loop of a criminal investigation.
>
> Yes. This is why I think it is important that even the senders of
> anonymous mail not be able to prove after message delivery that a
> particular message went through a particular remailer. Preferably
> not be able to prove, ever, but you can always seize the entire remailer
> chain and follow the message step by step.
This is a point I've been making about the existing anonymous remailers
for quite a while. The primary issue to the experiments that the Austin
Cypherpunks did several years ago indicated that key managment is the
biggest unsolved problem. If a suitable key management scheme could be
found then end-to-end completely anonymous transactions could take place
today with existing technology.
This relates slightly to a RFI I got the other day. The question was "How
would one go about subscribing to the CDR anonymously both for submission
and delivery?"
Turns out there ain't no good answer right now. This particular aspect of
anon anything has been my primary interest for quite a while. I would
advise anyone interested in this aspect to review the 9P network system in
AT&T's Plan 9 (there's a new version due out w/ new licensing it is
hoped).
> > Why would any of the payment mix operators be 'doing anything' other than
> > the entry and exit points? All the data would be encrypted and unreadable
> > to all the intermediary machines. In an ideal world even the entry and
> > exit points should only receive encrypted (and therefor anonymous)
> > traffic.
>
> I was under the impression that payment mixes were to be built on top of
> existing, non-anonymous payment schemes. That is, if we have a chain of
> payments mix servers Alice-Bob-Carol --- Yeltsin-Zelda, each of them
> has an account whose activity is tracked by some bank.
My mistake, I was thinking along the lines of Hettinga's system using
digital bearer bonds.
So what you're proposing is a 3rd party that opens accounts at local banks
and joins a mix chain. Then users with accounts at appropriate banks could
then transfer funds through these intermediaries anonymously through
transfers to/from the mix accounts? The bank (and presumably 3rd parties)
would be able to track transactions of their users into/out of the mix
accounts. Whereas the tracking of the final destination would be encrypted
in some manner by the user of their local mix so even the mix operator
would not know which bank and recipient user was involved, only the
sender?
I'm not sure this will work. Let me diagram out the process as I see it.
Consider:
user_a transfer @1 to mix_1 both at bank_1. Now mix_1 must know the
destination, or at least the next step in the chain. Easily traced with
standard traffic analysis. Now mix_1 give it to mix_2, who gives it to
mix_n, etc. Now mix_n has the @1 packet at the destination bank. The
packet that mix_n gets must also include a user account and some sort of
deposit authentication for the bank_n.
It's worth noting that if you can grab the transfer chain at any point you
can follow it to it's destination. Also, I assume that user_b doesn't as a
matter of course hand out authorization for random deposits in their
account.
Also, how do mix_# get a cut of the pie? They've got bills to pay after
all. How does user_a know how much 'transfer fee' to include? Doesn't this
imply some sort of commen organization between mix operators to determine
policies and process?
> The payments made between Alice and Bob, or Bob and Carol, and so on,
> can be audited by the bank.
How? As I understand the mix the source bank has no clue who the
destination bank is, or else why are we doing the mix? Isn't this the goal
to provide anonymity to the process?
> Now, the bank may not have access to the instructions which tell Bob to send
> $X to Carol (this is the encrypted data you're writing about)
They will have the withdrawal or transfer request from Bob to the local
remailer account. If not then we're then injecting yet another layer of
digital commerce here that we haven't defined in any way.
It's almost like what we need is a digital Western Union. When I go in to
the grocer and buy a $200 M.O. they have no clue as to where it is going
or whom. Not until it get's to the destination is it verified that the
funds reached their destination. This system injects anonymity at this
point if I understand correctly.
> -- but he will see that Bob receives lots of money and then forwards lots of
> that money onwards. This will raise suspicion for Bob; I don't know money
> laundering laws well enough to say if it is actually illegal.
It's got to work for little quantities as well. The fact is that under any
transfer system that uses the existing banking system large quantity
transfers are going to be problematic. But for things like buying your
monthly quarter pound of pot for $300 nobody would notice with it buried
in with the mortgage/rent, utilities, living expences, etc.
> Does anyone know of a good survey/introduction of money laundering laws?
> Paper is fine.
I find findlaw.com to be very useful.
____________________________________________________________________
The future is downloading. Can you hear the impact?
O[rphan] D[rift>]
Cyber Positive
The Armadillo Group ,::////;::-. James Choate
Austin, Tx /:'///// ``::>/|/ [EMAIL PROTECTED]
www.ssz.com .', |||| `/( e\ 512-451-7087
-====~~mm-'`-```-mm --'-
--------------------------------------------------------------------
