From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 19 Oct 93 12:42:32 PDT
To: cypherpunks@toad.com
Subject: "Is-a-person" Credentials, Fiat-Shamir paper
Message-ID: <9310191939.AA16837@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I have here the Fiat-Shamir paper, "How to Prove Yourself: Practical
Solutions to Identification and Signature Problems," from the 1986
CRYPTO Conference Proceedings.

This is of course the defining paper of the Fiat-Shamir algorithm,
which I understand was patented (no idea of patent number, or
countries). And I hear from Chaum that Rupert Murdoch's publishing
outfit (including Sky Channel, a satellite system) bought the rights
to Fiat-Shamir. (Speaking of Chaum and patents, Chaum has also filed
for patents and reportedly has already gotten some. We spend a lot of
time talking about the RSA/PKP patents and when they'll run out
(1998-2002), but patents on digital money may be just as
constraining.)

Anyway, if there's sufficient interest (contact me via e-mail), I can
scan and OCR as much of the paper as is feasible (the equations and
Greek symbols are always problematic). I suspect serious students of
this stuff have access to the CRYPTO Proceedings at large university
libraries, and the Fiat-Shamir paper is definitely a nice little
intro, so I'm not sure it's worth the couple of hours it may take to
get a good clean copy suitable for uploading to the list.

The schemes for "is-a-person" credentialling should be of interest to
us for several reasons:

1. The non-PGP "models" that rely on centralized credentialling
agencies, be they private companies like Apple or RSA Data Security,
or be they government agencies like DMV or National Health Offices.
Carl Ellison noted this in connection with the PEM model.

(One of the most impoortant innovations of PGP, in my opinion, was the
"distributed trust" model used. Let's demand this of other packages we
may use.)

2. Key escrow schemes could ultimately involve a tie-in to
"is-a-person" databases. Someone wrote yesterday about an FCC-like
ruling that would demand that all messages sent over the Net(s) be
digitally signed with a signature associatable (sp?) with a True Name.

(I can't see how this would be enforced, and can think of many ways
around it. But it's important we think about what may be coming, the
better to head it off early.)

3. As I have speculated before, I see the talk of a National Health
Care Card--possibly a SmartCard of some sort--as naturally associated
with a National ID Card. The immigration "problem" is causing many to
call for such a card.

"Your papers, please! Schnell!" (I hope I did not trivialize my point
by bringing Nazis in.)

Cypherpunks need to worry about more than just the government snooping
on their messages--that's just one facet of the picture. The "dossier
society" aspects are just as important. Ditto for other areas.

So, let me know if there's real interest in this paper.

And I have several of these Proceedings, with access to all the rest
of the CRYPTO and EUROCRYPT Proceedings over at the UC Santa Cruz
Science Library. I can't scan them all  in, for obvious and compelling
reasons (even with the "assistance" of the Information Liberation
Front :-} ), but this is a resource that is available.

--Tim May

-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
Note: I put time and money into writing this posting. I hope you enjoy it.