Digital futures - the catastrophic edge
There's been a lot of talk about digital money, digital identities, how it might work, protocols for verifiability in the face of spoofing, how to remain anonymous in spite of the best efforts of someone to find you, etc, etc. They all (to my unpracticed eye) rely on someone knowing a secret. And only that someone knowing the secret. Well, what if someone else finds it? What if someone breaks into your house, finds it written somewhere, or in some file somewhere? It's one thing to say "anyone who allows that to happen is stupid"- but people can be pretty stupid. Or, conversely, what if the number of people who know it is <1, rather than >1, i.e. what if you lose your secret key. In a world where your identity is digital, the consequences could be catastrophic. I can think of some extremely nasty consequences. It makes the recent stories of people who have been mistaken (& prematurely) declared dead seem pretty minor. So, my question is, what are the damage control mechanisms? Has anyone thought about this much? ************************************************** * Allen J. Baum tel. (408)974-3385 * * Apple Computer, 20525 Mariani Ave, MS 305-3B * * Cupertino, CA 95014 baum@apple.com * **************************************************
re: # parties != 1 knowing secrets The secrets in cryptography are too long to be memorized. Therefore, some computer hardware will need to be the storage container. Secure containers for such secrets can be constructed at much less cost than the value of having the secret escape. Since secrets come in different levels of value, so will containers. Since the secrets are data, they can be backed up as well, with a variety of redundancy mechanisms and social constraints. One can use encrypted data with human-recallable pass phrase (as PGP secret keys) or secret sharing to multiple trustees, or a combination. Eric
participants (2)
-
baum@newton.apple.com -
hughes@ah.com