1996-10-10 - Re: “Forward Privacy” for ISPs and Customers

Header Data

From: “Timothy C. May” <tcmay@got.net>
To: cypherpunks@toad.com
Message Hash: e0b03d32e18f51464dca9bbe81b7ff1f68bd4d291bad026d4ceb9df10ab54cee
Message ID: <v03007800ae831534b603@[207.167.93.63]>
Reply To: <199610101839.LAA14097@netcom8.netcom.com>
UTC Datetime: 1996-10-10 19:58:33 UTC
Raw Date: Thu, 10 Oct 1996 12:58:33 -0700 (PDT)

Raw message

From: "Timothy C. May" <tcmay@got.net>
Date: Thu, 10 Oct 1996 12:58:33 -0700 (PDT)
To: cypherpunks@toad.com
Subject: Re: "Forward Privacy" for ISPs and Customers
In-Reply-To: <199610101839.LAA14097@netcom8.netcom.com>
Message-ID: <v03007800ae831534b603@[207.167.93.63]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:42 AM -0700 10/10/96, Bill Frantz wrote:
>At 10:13 AM 10/9/96 -0800, Timothy C. May wrote:
>>Something ISPs could do--and may do if there is sufficient customer
>>pressure--is to adopt a policy of "forward secrecy" (to slightly abuse this
>>technical term). That is, to have an explicit policy--implemented in the
>>software--of _really_ deleting the back messages once a customer downloads
>>them to his site. This means that _backups_ must be done in a careful
>>manner, such that even the backup tapes or disks are affected by a removal.
>
>One technical approach is described in:
>
>"A Revocable Backup System", dabo@cs.princeton.edu (Dan Boneh) and
>rjl@cs.princeton.edu (Richard J. Lipton) in The 6th USENIX Security
>Symposium Proceedings.
>
>Basically the idea is to encrypt the file on the backup (tape) and then
>lose the encryption key when you want to "forget" the file.

Given that keys = data, this just transfers the problem from one set of
data to another set of data. (Wanna bet a lot of ISPs would keep backups of
the disk with the keys on it?)

Granted, there's a compression factor, but the basic issue is not changed.
If the ISP is trusted to not make backups of user files, and overwrites the
disk, this is about as good as the vendor encrypting the files and then
agreeing to "lose" the key.

(Though let's hope he neither loses it, nor "looses" it (the common
misspelling), by throwing it in his Dumpster trashcan, a la the infamous
Mykotronx "losing" (and hence "loosing") of Clipper secrets.)

--Tim

"The government announcement is disastrous," said Jim Bidzos,.."We warned IBM
that the National Security Agency would try to twist their technology."
[NYT, 1996-10-02]
We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^1,257,787-1 | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









Thread