Sligtly edited from an earlier posting on list-geek. Please subscribe to the
anap list by sending a message to list-anap-subscribe@osiris.978.org if you
would like to follow development.

I'm currently working on a aecked up mixmaster (or perhaps a rewritten one)
that will communicate over TCP/IP directly rather than sending email. I'm
hoping to use it to facilitate a network for anonymous filesharing and
chat.

When properly set up, mixmaster provides near provable anonimity. A message
is layered with enelopes of encryption. Each envelope contains a delivery
address and another envelope. If you put your message inside 10 layers of
envelopes, the receiver will have no idea and no easy way to prove who sent
it to them. Folks along the way won't know if the next hop is the
destination or if the previous hop was the real sender. 

By including an encrypted reply-route in the message you send, you can
facilitate a reply from the person you message without revealing your own
identity. As you can imagine, this technology will prove invaluable for
people that might be lose their freedom, life, or money as a result of
sending a file or having a certain conversation.

One problem I'm having difficulty with is the use of crowds to facilitate
large-scale filesharing. For example you'd like to share a file among many
people without revealing that you're the originator of it. I'd like to hear
if anyone has a proof of the security or insecurity or using crowds in this
context.

With the crowds scheme, I plan to have the keys for the encrypted file
exchanged via mixes, and the encrypted file sent via crowds. People in the
crowd with the key would know what the file is, but there would be no way of
knowing who in the crowd had the key. Nobody in the crowd would be able to
determine the content of the file if they did not have the key. 

Interested in hearing your comments and suggestions. Thanks.