From: Black Unicorn <unicorn@access.digex.net>
To: Johnathan Corgan <jcorgan@scruznet.com>
Message Hash: 5a882b28a8b1d38a17b221008ad6179209fef898f0f52c4269ed35ee0d1f8361
Message ID: <Pine.SUN.3.91.950117153148.11572A-100000@access4.digex.net>
Reply To: <Chameleon.4.01.950116182254.jcorgan@jcorgan.sj.scruznet.com>
UTC Datetime: 1995-01-17 20:39:06 UTC
Raw Date: Tue, 17 Jan 95 12:39:06 PST
From: Black Unicorn <unicorn@access.digex.net>
Date: Tue, 17 Jan 95 12:39:06 PST
To: Johnathan Corgan <jcorgan@scruznet.com>
Subject: Re: Another problem w/Data Havens...
In-Reply-To: <Chameleon.4.01.950116182254.jcorgan@jcorgan.sj.scruznet.com>
Message-ID: <Pine.SUN.3.91.950117153148.11572A-100000@access4.digex.net>
MIME-Version: 1.0
Content-Type: text/plain
On Mon, 16 Jan 1995, Johnathan Corgan wrote:
> Date: Mon, 16 Jan 95 18:14:26 PST
> From: Johnathan Corgan <jcorgan@scruznet.com>
> To: Robert Rothenberg <rrothenb@libws4.ic.sunysb.edu>,
> Black Unicorn <unicorn@access.digex.net>
> Cc: cypherpunks@toad.com
> Subject: Re: Another problem w/Data Havens...
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> >Data havens that can split data to two or more locations in seperate
> >jurisdictions can effectively ignore attention from authorities not
> >related to the site management or site preformance. Encryption mandated
> >sites can also take this stance, while encryption is legal in any event.
>
> It just occurred to me when reading this another method for ensuring the
> "I can't tell what's in it" condition with a data haven operator. Why not
> use a secret sharing system where the contraband data is split into a number
> of pieces and sent to different havens? It could be argued that the individual
> pieces are not the same as the whole, and there is absolutely no way the
> operator could recover the original from a given piece (thus providing
> plausible deniability.)
>
> Using M by N secret sharing, with M < N, you build in some redundancy in case
> one of the havens gets shutdown.
This was essentially my point, phrased much more precisely.
I believe this has been suggested, even discussed at length before on the
list.
Just from a structure standpoint, the haven could segment the data,
use some sort of encryption, and then send an encrypted message
containing the "resegmenting key."
Theoretically the haven would destroy the resegmenting key after
generating it and sending it, leaving the original sender with the only
copy.
Trust in the data haven operator is bolstered by his or her interest in
not knowing the contents of the data, or the retrevial key for the data,
less he or she be vulnerable to authority scrutiny.
> ==
> Johnathan Corgan "Violence is the last refuge of the incompetent."
> jcorgan@scruznet.com -Isaac Asimov
-uni- (Dark)
--
073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig!
Return to January 1995
Return to “Michael Handler <grendel@netaxs.com>”