From: frantz@netcom.com (Bill Frantz)
To: “Timothy C. May” <cypherpunks@toad.com
Message Hash: fe49f276d48c2611972218cc93db41a2e58e890b0ef576d32f420e1d3d6af12b
Message ID: <199610102208.PAA05484@netcom8.netcom.com>
Reply To: N/A
UTC Datetime: 1996-10-10 22:09:01 UTC
Raw Date: Thu, 10 Oct 1996 15:09:01 -0700 (PDT)
From: frantz@netcom.com (Bill Frantz)
Date: Thu, 10 Oct 1996 15:09:01 -0700 (PDT)
To: "Timothy C. May" <cypherpunks@toad.com
Subject: Re: "Forward Privacy" for ISPs and Customers
Message-ID: <199610102208.PAA05484@netcom8.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
At 1:08 PM 10/10/96 -0800, Timothy C. May wrote:
>At 11:42 AM -0700 10/10/96, Bill Frantz wrote:
>>At 10:13 AM 10/9/96 -0800, Timothy C. May wrote:
>>>Something ISPs could do--and may do if there is sufficient customer
>>>pressure--is to adopt a policy of "forward secrecy" (to slightly abuse this
>>>technical term). That is, to have an explicit policy--implemented in the
>>>software--of _really_ deleting the back messages once a customer downloads
>>>them to his site. This means that _backups_ must be done in a careful
>>>manner, such that even the backup tapes or disks are affected by a removal.
>>
>>One technical approach is described in:
>>
>>"A Revocable Backup System", dabo@cs.princeton.edu (Dan Boneh) and
>>rjl@cs.princeton.edu (Richard J. Lipton) in The 6th USENIX Security
>>Symposium Proceedings.
>>
>>Basically the idea is to encrypt the file on the backup (tape) and then
>>lose the encryption key when you want to "forget" the file.
>
>Given that keys = data, this just transfers the problem from one set of
>data to another set of data. (Wanna bet a lot of ISPs would keep backups of
>the disk with the keys on it?)
Agreeded. I was assuming some degree of competence on the part of the ISP.
Since it is a service they are offering, they are responsible for its
correct operation. Reducing the size of the data you must lose is quite
valuable. It means you don't have to pass large amounts of tape to stomp
on the file.
The article offers some solution to this problem, as I remember, but I
don't really have time to re-read it and summerize (unless you want to
outbid my current client :-).
-------------------------------------------------------------------------
Bill Frantz | "Cave softly, cave safely, | Periwinkle -- Consulting
(408)356-8506 | and cave with duct tape." | 16345 Englewood Ave.
frantz@netcom.com | - Marianne Russo | Los Gatos, CA 95032, USA
Return to October 1996
Return to “frantz@netcom.com (Bill Frantz)”
1996-10-10 (Thu, 10 Oct 1996 15:09:01 -0700 (PDT)) - Re: “Forward Privacy” for ISPs and Customers - frantz@netcom.com (Bill Frantz)