Re: Another problem w/Data Havens...
Michael wrote:
This entire discussion is completely unnecessary. There are ways of removing operator liability without examining the submission at all.
Liability is a legal issue, not a technical one. (Catchability is a technical issue.) The basic ways to remove liability are to either run your system where the local laws don't object to information storage, or to reduce the operator's involvement to levels that the local legal system will tolerate. The former case is easy, if you can rent computer space in a country with a non-meddling government and good net access (or an easily rentable government :-).) For those of us in the latter situation, the discussion's still useful...

On Mon, 16 Jan 1995, Johnathan Corgan wrote:
It just occurred to me when reading this another method for ensuring the "I can't tell what's in it" condition with a data haven operator. Why not use a secret sharing system where the contraband data is split into a number of pieces and sent to different havens?
Good, but still has most of the same old risks.

Alice asks Dave's Data Haven to store stuff, and later retrieves it. Dave doesn't want to be able to know what's in it. There are three main threat periods - at receipt of the data, during storage, and at retrieval. Secret sharing is great for the storage period, assuming the data havens are in different jurisdictions and the cops can't force the operator (Dave) to go retrieve all the pieces.

However, at receipt of the data, it's all in one place, Dave's inbox. If Alice encrypted it safely, or secret-shared it herself, great! But if Alice is a narc trying to entrap Dave with plaintext ThoughtCrime, or Alice's key has been compromised, anything in Dave's inbox is still toast, even if anything that's been split and stored is safer than if it had been stored unsplit. So he either needs to split it fast, shortening the window, or find a way to blind his mail before processing it, or split it before reading it.

Splitting before reading isn't impossible in a stream environment. Define a protocol that looks like SMTP, but opens up three outgoing streams as well as an incoming stream, and uses standard mail formats. While reading the headers from Alice (either the real contents or just the handshakes at the beginning), Dave's receiver thinks about them and sends some meaningful headers to Moe, Larry, and Curly. Once the message body starts, instead of storing the incoming bytes, Dave sends every other byte to Moe or Larry, and the xors to Curly.* If he wants to get fancy, he can even encrypt the data with a stream cypher as he goes along, giving half the key to each of them. That way, Dave's system really only has knowledge of the headers, plus one line at a time of incriminating data on the fly. And his partners can't give anything away either; they're just stooges.

* If the connections to and storage by Moe and Larry are reliable enough, Curly doesn't really need to be involved, but the xor business lets you reconstruct everything from just two parts.

Bill
"Privacy is not a crime!"
On Tue, 17 Jan 1995 wcs@anchor.ho.att.com wrote:
Date: Tue, 17 Jan 95 03:29:17 EST
From: wcs@anchor.ho.att.com
To: grendel@netaxs.com
Cc: cypherpunks@toad.com
Subject: Re: Another problem w/Data Havens...
Liability is a legal issue, not a technical one. (Catchability is a technical issue.)
BING!
Alice asks Dave's Data Haven to store stuff, and later retrieves it. Dave doesn't want to be able to know what's in it. There are three main threat periods - at receipt of the data, during storage, and at retrieval. Secret sharing is great for the storage period, assuming the data havens are in different jurisdictions and the cops can't force the operator (Dave) to go retrieve all the pieces.
However, at receipt of the data, it's all in one place, Dave's inbox. If Alice encrypted it safely, or secret-shared it herself, great! But if Alice is a narc trying to entrap Dave with plaintext ThoughtCrime, or Alice's key has been compromised, anything in Dave's inbox is still toast, even if anything that's been split and stored is safer than if it had been stored unsplit. So he either needs to split it fast, shortening the window, or find a way to blind his mail before processing it, or split it before reading it.
I found this very insightful. All the more reason to mandate encryption, or to encrypt all plaintext on arrival.
Splitting before reading isn't impossible in a stream environment. Define a protocol that looks like SMTP, but opens up three outgoing streams as well as an incoming stream, and uses standard mail formats. While reading the headers from Alice (either the real contents or just the handshakes at the beginning), Dave's receiver thinks about them and sends some meaningful headers to Moe, Larry, and Curly. Once the message body starts, instead of storing the incoming bytes, Dave sends every other byte to Moe or Larry, and the xors to Curly.* If he wants to get fancy, he can even encrypt the data with a stream cypher as he goes along, giving half the key to each of them. That way, Dave's system really only has knowledge of the headers, plus one line at a time of incriminating data on the fly. And his partners can't give anything away either; they're just stooges.
* If the connections to and storage by Moe and Larry are reliable enough, Curly doesn't really need to be involved, but the xor business lets you reconstruct everything from just two parts.
I like the pure elegance of this solution. Are there implemented DH codes running around anywhere?
Bill
"Privacy is not a crime!"
073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est 6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig!
Are there implemented DH codes running around anywhere?
DH code is easy - using PGP and perl you can build a simple one in a matter of hours. But: where's the market? The only people I've ever known to need a 'data haven' were a group of people who'd obtained the source code to a major commercial operating system and used a freenet account and ftp to transfer it. (40 mB+, I gather). I can see building one - it doesn't seem at all difficult. But I don't see how I could be reimbursed for the disk space and bandwidth.

-jon
( --------[ Jonathan D. Cooper ]--------[ entropy@intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4 5B 12 A0 35 E0 9B C0 01 )
( home page: http://taz.hyperreal.com/~entropy/ ]---[ Key-ID: 4082CCB5 )
On Tue, 17 Jan 1995 wcs@anchor.ho.att.com wrote:
The former case is easy, if you can rent computer space in a country with a non-meddling government and good net access (or an easily rentable government :-).) For those of us in the latter situation, the discussion's still useful...
Point taken.
However, at receipt of the data, it's all in one place, Dave's inbox. If Alice encrypted it safely, or secret-shared it herself, great! But if Alice is a narc trying to entrap Dave with plaintext ThoughtCrime, or Alice's key has been compromised, anything in Dave's inbox is still toast, even if anything that's been split and stored is safer than if it had been stored unsplit. So he either needs to split it fast, shortening the window, or find a way to blind his mail before processing it, or split it before reading it.
I could write a procmail recipe and a script in about an hour to automatically secret-share-split and redistribute the incoming submission. If the authorities attempt to indict you for possessing illegal information / kiddie porn / whatnot, they have to prove that you interfered with the automatic redistribution process and examined the contents of the submission. If you in fact did not look at the submission, they would have a difficult time doing so.

--
Michael Handler <grendel@netaxs.com>
Civil Liberty Through Complex Mathematics
Philadelphia, PA
PGP Key ID FC031321 Print: 9B DB 9A B0 1B 0D 56 DA 61 6A 57 AD B2 4C 7B AF
"Toi qui fais au proscrit ce regard calme et haut" -- Baudelaire * Skotoseme
From: Michael Handler <grendel@netaxs.com>
[automatically split and redistribute]
If the authorities attempt to indict you for possessing illegal information / kiddie porn / whatnot, they have to prove that you interfered with the automatic redistribution process and examined the contents of the submission. If you in fact did not look at the submission, they would have a difficult time doing so.

This is exactly the right kind of approach, I think. It's more expensive to implement than a readable-reject filter, but then I expect a continuum of services. The key legal point is "interfered with the automatic redistribution process". If an operator can point to those fixed properties of a system which keep the operator ignorant, an opponent trying to prove otherwise will have a difficult time.

Eric
I could write a procmail recipe and a script in about an hour to automatically secret-share-split and redistribute the incoming submission.
I'll wager most of us could. Question: whom would you redistribute it _TO_? This seems to be the stumbling block - who is willing to store the data on their machine or net account? Speaking as someone with about 300k of quota left, it certainly couldn't be me, though I'd be willing to handle the frontend interfacing work. How would you handle retrieval of the data?
If the authorities attempt to indict you for possessing illegal information / kiddie porn / whatnot, they have to prove that you interfered with the automatic redistribution process and examined the contents of the submission. If you in fact did not look at the submission, they would have a difficult time doing so.
Unfortunately I've found that the U.S. government especially can make your life a living hell if you don't go along with their desires, even if you're following all the laws. Trumped-up charges. Fake charges. I wouldn't put much past our government.

-jon
On Wed, 18 Jan 1995, Jonathan Cooper wrote:
If the authorities attempt to indict you for possessing illegal information / kiddie porn / whatnot, they have to prove that you interfered with the automatic redistribution process and examined the contents of the submission. If you in fact did not look at the submission, they would have a difficult time doing so.
Unfortunately I've found that the U.S. government especially can make your life a living hell if you don't go along with their desires, even if you're following all the laws. Trumped-up charges. Fake charges. I wouldn't put much past our government.
I think the worst is that the government never seems to be in the mood for giving your computer equipment back to you. Hiding your physical location being out of the question (old thread), all the government has to do is drum up suspicion and enough information for a warrant for your computer equipment, then you're screwed out of a system. If you had a system good enough to effectively handle DH's or even remailers, you're out of a good sum of money.

Groove On Dude
Michael Conlen
On Wed, 18 Jan 1995, Jonathan Cooper wrote:
I could write a procmail recipe and a script in about an hour to automatically secret-share-split and redistribute the incoming submission.
I'll wager most of us could. Question: whom would you redistribute it _TO_? This seems to be the stumbling block - who is willing to store the data on their machine or net account?
Why, other data haven operators, of course. [ Insert 500 messages about anonymous payment systems, FirstVirtual vs DigiCash, remailers, "data haven" guilds, etc. ] [ ... ]
How would you handle retrieval of the data?
Details, details. Just off the top of my head: an encrypted database that logs where the pieces were split and sent to. When the original data haven receives a request for the file, it sends out requests to the other data havens, and reassembles the file, and shoots it out again to the original owner.

Michael
On Sun, 22 Jan 1995, Michael Handler wrote:
On Wed, 18 Jan 1995, Jonathan Cooper wrote:
I could write a procmail recipe and a script in about an hour to automatically secret-share-split and redistribute the incoming submission.
How would you handle retrieval of the data?
Details, details. Just off the top of my head: an encrypted database that logs where the pieces were split and sent to. When the
I'd prefer to see a redundancy system here whereby the pieces each contain a cypher strip of info on the location of the others (not the entire location listing, that would be too insecure). Maybe a few locations to store the locations of the segments. Just a thought.

------------------------------------------------------------------------------
Computers   Communications   Reduced Rate IDD Service   Innovative Widgets
Tel (+852) 2334-8850   jRT   Fax (+852) 2334-3042
Help protect the environment -- This message is made from recycled electrons
------------------------------------------------------------------------------
Asia On-Line - Asia's Cheapest Internet Access Provider
------------------------------------------------------------------------------
Participants (7): Black Unicorn, eric@remailer.net, Jonathan Cooper, jRT, Michael Conlen, Michael Handler, wcs@anchor.ho.att.com