From: Matt Thomlinson <phantom@u.washington.edu>
To: cypherpunks@toad.com
Message Hash: 4807af625a8178b3f40319d9670abbd87dfd92ac9d29453fc9e06640b374b2c1
Message ID: <Pine.3.89.9403112006.A15246-0100000@stein1.u.washington.edu>
Reply To: N/A
UTC Datetime: 1994-03-12 04:02:14 UTC
Raw Date: Fri, 11 Mar 94 20:02:14 PST
From: Matt Thomlinson <phantom@u.washington.edu>
Date: Fri, 11 Mar 94 20:02:14 PST
To: cypherpunks@toad.com
Subject: brainstorming on cpunks' eve
Message-ID: <Pine.3.89.9403112006.A15246-0100000@stein1.u.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain
As is mentioned in tims' latest Rant(tm), I've been working on ideas for
creating other cypherpunk services that would be possible to deply to the
net. I've come up with a few, but they are of dubious quality.
I'm hoping that by posting ideas I know are flawed/of little use that
followup disscussion might refine them.
We saw a use for remailers -- to gain a certain anonymity not present in
cyberspace. How about information drops? How about digital cash drops
(alt.cash.drop anyone?) I know digicash isn't the rage, and such a
group would probably do zero good for some time, but I'd like to start
talking about the ideas.
With payments in digicash, you could supply a public key (newly created,
of course). After the cash is generated/remitted by the other party,
it would be encrypted and posted to the group. Noone could use the cash
as it sat there, since they can't unwrap the cash. (I like to think of it
as dropping the cash in a sealed envelope). I'm trying to think of both
uses and problems this exhibits. Lots of extra "session keys" is the only
drawback I see.
Other possible net services: random number services, which don't keep
logs of the numbers it produces -- have it spit a statistically-correct
random stream each time a port is opened? Would this be that useful?
Also, one could set up a hashing/signing service, more akin to a time
stamp service. Mail would be sent to your service, which would attach
the output of 'date' to the bottom of the msg and then +clearsig it. I'm
thinking that chains of two or maybe three reliable machines should be
used, since all it takes to break this is to change the clock on the
machine you're signing with. With a few (>1) machines, it becomes
very clear that the message was sent at a certain time. Perhaps this
could be used in the future for "Registered Mail" type exchanges, or
perhaps as part of a "Digital Notary" system?
As for our media coverage, I'm happy with it so far. I'm willing to bet
digicash that we'll see _television_ coverage re: clipper in the next
few months. EFF, among others, should be working on that; we've
already been able to get the word out via newspapers/magazines and radio.
I wouldn't be at all suprised to see a blip on 20/20 or maybe a 15-second
spot by Tom Jennings & co. before July.
And projects! I'm currently in the middle of finals, but I'm looking
forward to getting back to work on the things that _really_ matter.
I was wondering what people were thinking about putting together a
page for WWW? Would it be useful? Would people browsing around look at
it and would it be a medium to disseminate info? Maybe divide it up...
RSA, DES, IDEA, 3-DES, etc.
Clipper, Capstone, Skipjack, Tessera
PGP, stego programs available, RIPEM, etc.
EFF, CPSR, Cypherpunks----
|media coverage
|remailers
|stego
|voice pgp
|clipper projects-FOIAs, bigbro inside, etc.
other sources of info: sci.crypt, alt.pgp, alt.whistleblowers,
alt. privacy, alt.security.
Ideas and suggestions appreciated.
mt
Matt Thomlinson Say no to the Wiretap Chip!
University of Washington, Seattle, Washington.
Internet: phantom@u.washington.edu phone: (206) 548-9804
PGP 2.2 key available via email or finger phantom@hardy.u.washington.edu
Return to March 1994
Return to “Sameer <sameer@soda.berkeley.edu>”