Alan Bostick wrote:
Pat Cadigan, in her novel SYNNERS, had the off-beat idea of having crucial data encoded into graphical images and tattooed onto the skins of beach bums.
I've heard of worse ideas. . . .
She's a better novelist than an information theorist... All the talk recently about data havens [secure storage variety] got me to thinking. (In case you're wondering, I specified [secure storage variety] becuase there seems to be some confusion, or at lest conflation, about what a "data haven" does. Is it for selling illegal data publically? Is it for storing sensitive material, privately? Something else?) Anyway, for securely storing data that one wishes to be able to later retrieve, but wishes thieves and authorities not to have, here are some major possibilities: 1. The old stand-by. Keep copies of data at a friend's house. (This is what I do, to guard against fires or thefts or ransackings by the Thought Police.) (Knowing where the stuff is stored is part of the "key" to getting it, and only adds a few bits to the overall key lenth in most cases. That is, not much security against a capable adversary, But fires are usually pretty dumb, and cops not much smarter, so this works pretty well.) 2. True secure storage, using a commercial service. Mineshafts, salt domes, concrete buildings, etc. are commonly used for this. Corporate records, etc. Pay a fee, store your files, etc. Of course, a subpoena will get the data posthaste. 2A. Offshore secure storage, in a jurisdiction that will no honor subpoenas form one's country. Lots of obvious issues here: bribery of the vault, pressures applied locally, black bag jobs, etc. 3. Encryption, with either local or remote storage. 3A. Encrypted, but local. This is by far the most common scenario, the one most of us use all the time. Can the authorities force disclosure of a key? I have a *lot* on this in my FAQ, so I won't repeat it here. Basic conclusion: has not been tested, but it is unlikey that a defendent who claims to have "forgotten" his passphrase, or who just clams up, will get zapped for this, per se. 3B. Encrypted, offshore. Actually, this is similar to the above. If the court can compell decryption, it can certainly compell retrieval of files. And if it can't compell decryption, the files are no less safe if stored locally. (But I admit that the realities are not so simple. Offshore storage offers some additionaal advantages. For one, "duress codes" that the site owner in Belize that the person requesting the material, in LA, is actually under duress. The site operator can then report back a convenient "disk crash" and the authorities will be screwed. This stratagem is harder to do cleanly in the U.S., for example, where the site owner might be subpoenaed.) 4. Purloined Letter. Hide it in plain site. Steganography, in one of your hundreds of DATs, or in GIFs and PICTs, etc. Without the key, they won't know where it is. (I've been pushing this since 1988, in postings on sci.crypt and elsewhere. Romana Machado and others have implemented the image-based version.) 5. A variant is to use ftp sites. Encrypt the data and place it in an ftp site that allows write access. Use remailers if you wish. Then, your secret data is stored in encrypted, unidentifiable form on someone else's computer, retrievable by you later. (Lots of issues here. Our never-realized "anonymous anonyomous ftp" capability could mean the storer would not even know what continent the site was on.) Well, these are just some of the ideas. Me, I stick to simply encrypting sensitive files and keeping a couple of copies in safe places. I don't think we ought to call these uses "data havens." Save the term "data haven" for those places, in cyberspace or in real space, that sell access to Nazi medical experiments, that sell illegal birth control information, that buy weapons secrets, and so on. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo@toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay