This chapter explores and examines various classes of privacy enhancing technologies. E-mail anonymity systems allow a user to send e-mail without revealing his or her personal information, such as identity, e-mail address, or Internet protocol (IP) address. Also, E-mail pseudonymity systems give the users the opportunity to set up persistent pseudonymous systems, where users can participate in ongoing e-mail conversations while maintaining their privacy.
The authors define four types of Re-mailers. These are:
- Type-0 Re-mailers: it is could be the simplest email anonymity systems. By keeping a master list matching the pseudonyms to senders’ real e-mail addresses, replies mailed messages can be delivered to the original sender. Also, the master list provided a tempting target for attackers; anyone who could get his hands on list could reveal the email addresses of all the users of the remailer.
- Type-I Re-mailers: also called cypherpunk remailer. It removes the sender identifying information and then sends the messages out. It is more secure type than type-0. This type of remailer provides several types of improvement. There are:
- Chaining: a user sends his message to the remailer with instructions to send it, not to the intended recipient, but rather to a second remailer (run by an operator independent from the first). The remailer is instructed to send it to send it to a third remailer, and so on.
- Encryption: the first remailer receives an encrypted message. When it is decrypted, it finds only the address of the second remailer and another encrypted message. The inner message is encrypted to the second remailer, so the first remailer can not read it. The second remailer received the message and decrypted it to find the address of the third remailer and another encrypted message and so on. The last remailer decrypted his messages and found the address to the final recipient as well as unencrypted message to send.
- Mixing: incoming messages to any remailer are batched together and randomly reordered before being sent out. This was attempting to prevent a passive observer of a giving remailer from determining which outgoing message corresponds to which incoming message.
- Type-II Remailers: it divides all messages into a number of fixed-sized packets that are sent separately through the network of remailers in order to defeat size correlations. These remailers also employ more complex techniques to defeat replay attacks. It is more secure type than type-I.
- Type-III Remailers: This type of re-mailer has apparently been available since 2002. It provides improved protection against reply attacks and against key compromise attacks, where an attacker learns the private decryption key of one or more of the remailers. It is more secure type than type-II.
The growth of the Internet has increased the use of anonymity and pseudonymity in electronic communications. The process of protecting Internet applications, such as the world-wide web, remote logins, voice-over-IP and games, poses a much more significant challenge than the corresponding problem for email. Anonymity could be defined simply as being without a name or with an unknown name, while Pseudonymity could be defined as the use of a false name. Anonymous and pseudonymous electronic communications have been used to damage commercial interests, harass victims, and launch hoaxes into cyberspace. We can overcome the problems of anonymity and pseudonymity in cyberspace by using traceable identification. If we can make the ISPs enforcing the chosen level of strong identification and authentication that will allow non-legalistic approach to reducing abuse by anonymous and pseudonymous Internet users.
References
Acquisti, A., Gritzalis, S., Lambrinoudakis, C., & Vimercati, S. D. C. d. (Eds.). (2008). Digital Privacy: Theory, Technologies, and Practices. New York: Auerbach Publications. 
No comments:
Post a Comment