1995-11-13 - Re: Timed-release crypto - Proactive security plug

Header Data

From: tcmay@got.net (Timothy C. May)
To: cypherpunks@toad.com
Message Hash: 6a68320d684bdf43b1ab039a0899889c8d4d085d1329c27c67a806fd32277901
Message ID: <acccdebc040210049a7f@[205.199.118.202]>
Reply To: N/A
UTC Datetime: 1995-11-13 20:21:41 UTC
Raw Date: Tue, 14 Nov 1995 04:21:41 +0800

Raw message

From: tcmay@got.net (Timothy C. May)
Date: Tue, 14 Nov 1995 04:21:41 +0800
To: cypherpunks@toad.com
Subject: Re: Timed-release crypto - Proactive security plug
Message-ID: <acccdebc040210049a7f@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:03 PM 11/13/95, Amir Herzberg wrote:
>A small note/plug: the schemes by Tim and Michael are based on `long lived'
>secret sharing, i.e. you trust each share of your secret to a server for a
>really long time. Some people may be concerned that such a long time would
>allow an attacker to break into most servers and reconstruct the secret (key).
>
>A solution to this is proactive secret sharing, as described in [HJKY95].
>In this protocol, the secret shares are periodically refreshed (i.e. new
>shares are computed distributively and then the old shares are erased).
>In this manner, an attacker has to break into most servers during the same
>period; shares from one period are worthless on the next period.
>
>Best, Amir
>
>[HJKY95] `Proactive Secret Sharing', A. Herzberg, H. Krawczyk, S. Jarecki,
>M. Yung, Crypto 95.

I also was sent a copy of Ron Rivest's latest paper on timed-release crypto
(also available at the URL http://theory.lcs.mit.edu/~rivest/).

These noted cryptographers, Amir, Ron, and others, are of course doing
"real cryptography" on this timed-release stuff... my speculations in '93
and later are informal, rough considerations. There are dangers in using
"common sense" in protocols like this, but, then, few of us have the time
to explore things in enough detail.

I just wanted to clarify things, though I suspect most of you know that
many of my arguments (and those of others, too) are based on informal, bull
session, sorts of foundations. This is often enough at a very early stage.
No substitute for much more rigorous, published-paper-quality analyses, of
course.

>> --Tim May
>>
>> Views here are not the views of my Internet Service Provider or Government.
>
>How do you know that?   :-)

In the past, I have actually gotten warning letters from some of my
Internet Service Providers saying that my views were inimical to their own
views. One provider, who shall remain nameless, actually *turned off* my
access to NetNews until I agreed to post a clarification that the views I
was expressing were not his views!

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."






