keeping secrets from myself
GERSTEIN at SCSUD.CTSTATEU.EDU
Wed Mar 9 12:20:26 PST 1994
On 8-MAR-1994, Cortland D. Starrett (cort at ecn.perdue.edu) said...
Here is a practical problem that has me frustrated....
Assume that I am the treasurer at my local church. This implies responsibility
to record each Sunday's offering (the money collected) in the church financial
books. An account is maintained for each member of the church. Money received
from members each Sunday is credited to their respective accounts. Each
January, a report is prepared for each parishioner showing a summary of the
charitable contributions for the previous year. This information is used for
Currently, the treasurer knows EVERYTHING about EVERYONE (regarding charitable
giving). As a privacy advocate, this is indeed uncomfortable (for giver and
I want to know as little as possible about church member giving.
Give and Take:
It will be difficult/impossible to prevent the treasurer from seeing each
weeks' checks. However, a privacy improvement may be achieved if the running
totals are kept hidden.
How can I provide a comprehensive year-end statement to each parishioner while
maintaining maximum privacy?
Does cryptography have anything to offer to this situation?
What procedures/protocols could be implemented?
What privacy enhancements could be included with the church
I would think that the easiest way to take care of this would be to
assign each member a randomly generated id (probably alphanumeric, and you can
keep it around 6 characters), and then just use that number from then on. When
a new member joins, create a new id and once they have a copy of it, put the id
in a file that is stored out of your hands (but accessable if need be) in case
you need to add someone else or if someone forgets their id.
I know that this isn't as secure as some of the other methods
suggested, but this (the method above) would seem to make the most sense simply
because once it's started, there's not that much upkeep:
1- Member gets an id.
2- Member makes a deposit using just their id and only looking at the
check amounts. For this, you would have to trust yourself or get some envelopes
that only show the amount through a window. When you are done doing all the
checks on the computer, dump them all into a bag or something and then start
3- At the end of the year, all you have to do is print a list of the
id's and how much they have in their "account".
At no time does anyone but the member know their id (unless they happen
to share with someone, and it's up to them).
As treasurer, you only know the account numbers. If you really didn't
want to take the chance that you might learn some of the numbers (doubtful, as
there would probably be 100's [maybe 1000's] of members), you could get someone
else in the church (that you trust) to assign the id's and just have them let
you know the new id's as they come along.
Just my 0.02¢ worth.
Have _you_ said no to Clipper yet?
To sign on to the letter, send a message to:
Clipper.petition at cpsr.org
with the message "I oppose Clipper" (no quotes)
You will receive a return message confirming your vote.
More information about the cypherpunks-legacy