From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Thu, 30 Nov 1995 03:31:34 +0800
To: EALLENSMITH@ocelot.Rutgers.EDU (E. ALLEN SMITH)
Subject: Re: Medical Records
In-Reply-To: <01HY7U2Z5PSG8WYVEV@mbcl.rutgers.edu>
Message-ID: <199511291909.OAA16016@homeport.org>
MIME-Version: 1.0
Content-Type: text


	It seems that they use signatures & hashes; nice work, a good
advance for medical records storage, but I'd ask how keys are managed,
and also what prevents me exploiting the 'hash-only' mode of sending
in what I'm cliaming to be is an emergency.  (Not that these
invalidate the system; they're just interesting areas to work on.)

E. ALLEN SMITH wrote:

|    "We have to make sure that the digital information and images are not
|    altered accidentally or surreptitiously," Wong said. "In addition,
|    x-rays and other imaging studies are part of the patient's medical
|    record and must be protected from unauthorized access."
|    
|    The system uses mathematical formulas or codes to scramble the images
|    through encryption. It involves a "two-key" system -- one code enables
|    public access but a second, private code is required to unscramble the
|    information.
|    
|    The private code, known only to the individual to whom the information
|    is transmitted, is 1,024 computer bits long, Wong said.
|    
|    In emergencies where fast transmission is needed, the unscrambled
|    image is transmitted with a digital "fingerprint," a smaller code that
|    assures the intended viewer that no one has altered the original
|    image.


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume