From: spam@telerama.lm.com (Steve Marting)
Date: Wed, 11 Jan 95 20:31:23 PST
Subject: Re: How do I know if its encrypted?
In-Reply-To: <m0rSFsb-000kfuC@mill2.millcomm.com>
Message-ID: <3f2ba8$jbe@asia.lm.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <m0rSFsb-000kfuC@mill2.millcomm.com>,
Mark Oeltjenbruns <marko@millcomm.com> wrote:
>        I keep seeing the idea that to keep out of trouble remailers and
>Data Havens should require that data be encrypted before it is accecpted.
>My question is how do I know it is encrypted?  If I say that anyone sending
>me data to be massaged by my system must first encrypt it, how do I know
>they are in fact complying with that request?  After all this is the area
>for the paranoid's to hang out in.
>
>        I see some possible options.  Most don't seem to workable.  I could
>...
[...]
>(2) Force them to pgp it, but that could be defeated by having enough of a
>pgp sig. that my system is fooled.  Not to mention they must use *MY* idea
>of what good encryption is.  After all I could say you must use my
>encryption software that has a backdoor I know of, i.e. clipper, or that
>costs money and can only be bought from me.  This last point would be one
>way of making sure you made some money, but does seem impractial.

You're being contradictory here.  First you say that you have no way of
reliably knowing if it's PGP encrypted, then you say it forces them to use a
certain type of encryption.  Well, if they can fool your system, they aren't
forced to use it!

But that's not really my point.  I think this method is very valid and could
be used in the Real World (well, on the net, at least).  Let's say you require
everyone to use PGP.  Well, if I don't trust PGP but I trust SpamCrypt, there
is nothing stopping me from encrypting my data with SpamCrypt and THEN PGP and
sending it off to your haven.  You see the data is PGP-encrypted, you don't
have the PGP key to decrypt it so you can't be accused of having the ability
to look at my data, and - correct me if I'm wrong here - unless there's some
specific mathematical relation between PGP and SpamCrypt, my encryption is
as good as the STRONGEST layer.

In fact, as you suggest, this is a good way to implement a pay-per-use haven.
All you have to do is only let people use your proprietary data format.  You
can either sell just the program (a one-time fee, like selling accounts on
your haven), or sell single-use keys.  Single-use keys are not only a type of
one-time pad (again, I may be wrong there), but can be presold in arbitrary
lots so companies can buy many keys from you and resell them.

>(5) Only acecpt data from a remailer or other service that would be
>guranteed to be encrypted.  This seems like it would lead to a 'good ole
>boy' network that could exclude service providers it doesn't like.
>etc. etc.

I don't see the problem with this.  You will end up with two types of havens -
those that will accept data from a remailer anyone can use (or from a remailer
that will accept data from one somewhere down the line) and those that won't.
The former are free for anyone to use, and the latter aren't.  Sound like the
difference between moderated and unmoderated newsgroups?  And I don't hear
anyone on cypherpunks bitching about the evil of moderated newsgroups.  What
would be wrong with setting up a haven just for you and your friends?  Or
anyone but Detweiler?  Or anyone but me?

Waiting to be called from some mistake,
-Spam
-- 
--
Spam is: Steve Marting <spam@telerama.lm.com>
My homepage
Beer status: Pilsener bottled and aging