From: Sean Sutherland <maverick@interconnect.net>
Date: Sun, 18 Aug 1996 11:09:35 +0800
To: cypherpunks@toad.com
Subject: Re: Protecting floating datahavens?
Message-ID: <19960818011847984.AAD128@maverick>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

To: stewarts@ix.netcom.com, cypherpunks@toad.com
Date: Sat Aug 17 20:15:22 1996
> The basic risks with such things are:
> 1) Getting governments to agree to leave you alone.  If you're doing a
> 2) Getting governments and other pirates to actually leave you alone.
> 3) Making it work financially, for the proprietors and tenants/co-owners.
> 4) Convincing investors that you're safe enough on 1) and 2)

Auctually, the one real big problem is that the data is all in one place.  
Rememeber that the whole point of a data haven isn't secure backup -- it's 
secure storage.  And if the place gets blown sky-high (which can easily be 
done discreetly and possibly made to look like an accident), all the data 
is going to be lost, and you're basically screwed.  

The only workable solution to this that I can see has nothing to do with 
floating countries or anything of the sort.  Instead, the use of 
data-splitting programs could be used.  I'm not all up on the security or 
reliability of these programs, so if I'm making unwarranted assumptions, 
guess I did a lot of typing for nothing.  This has probably been proposed 
before, too, but what the hey...

For example, lets say you set up an office in 100 countries (it would be 
more effective to have more, but let's say 100).  Through the use of 
anonymous remailers and encryption, he could apply for a customer ID number 
and password.  To avoid any possibility of forgery, such IDs could be 
prehaps 100kb-1Mb (this is just for confirmation of identy when sending the 
data into the data havens -- shorter IDs would be used for identifcation). 
Then, he could split the program into 100 parts, with (say) 70 parts being 
needed to restore the entire file.  He would then encrypt and send each of 
these files to each remailer through the Internet.  

To get the data back, he would send in the ID and password, encrypted 
again, to the nessecary number of offices in order to retrieve the data.

Payment, if nessecary, could be made by anonymous bank transfer or 
something like ecash.  

Proprietary encryption systems (PGP-like, with IDEA/RSA hybrid in it, but 
can accept 5000+ bit keys and padding) might be used, as well.  

This scheme has several pluses.  One, it doesn't rely on any fancy legal 
manuevering with off-shore nationalities and crap.  Second, it isn't very 
vunerable.  They would need to get legal jurisdiction in 70 different 
countries to sieze the data, and then they have the encryption to deal 
with.  Third, if there's any server problems, it wouldn't affect the entire 
system.  Fourth, you don't have to attach missle launchers and hire a 
private security force to defend it.  There are several problems, though.  
First, it relies on the Internet, something which is inherantly insecure 
anyway.  Second, if someone's being wiretapped in their own country, then 
the whole effort is in vain.  Third, it would be incredibly costly, but 
probably no more so than any kind of off-shore platforms.  In fact, it 
would probably be cheaper.  

Any comments?
- ---
Sean Sutherland | GCS/C d- s+:+ a--- C+++ V--- P L E- W++ N++ K w o O-(++)
Key: E43E6489   | M-- V PS+ PE++ Y PGP++ t--- 5+++ X++ R b++ DI+ D+ G e- 
Vote Browne '96 | h! !r y

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Key: finger or email w/ 'send key' in subj.  http://www2.interconnect.net/maverick

iQEVAwUBMhZuq1ZoKRrkPmSJAQE9QQf7B+ikk1/dFKyydIzQkGcfX8+srK5GeRlr
5IhEFkXJY34dI4Dqg/yKQ6m/XwRMyqPHxcyV6lR6qU9ngaawBWjd1Q+HBtCOzEs6
Ch8AgTq5CWox8/7FZKz32xGJCVpPJ+etzeJSK2kqKfPnTW+yhz7rch+DIvEJKnM1
ktlxsi/3c1Hn89OLZrCHUeJQqBMoU7rVnmVv6sfGVUQuwJ09yWT457HCN7dZbH1z
Nrc+w7ewlxivH1r6KZ1DNk8BJrroQXD7mSHvXmEwyTiyr9DzaPhtlllarz/iPNFF
295F/4Cj9K2HiwJfKH7pDy60OKLBGP72xnc0cjxj8TlIp/KDY7VsPQ==
=BNfl
-----END PGP SIGNATURE-----