"Forward Privacy" for ISPs and Customers
Adam Back
aba at dcs.ex.ac.uk
Fri Oct 11 05:57:06 PDT 1996
Tim May <tcmay at got.net> writes:
> At 11:42 AM -0700 10/10/96, Bill Frantz wrote:
> >At 10:13 AM 10/9/96 -0800, Timothy C. May wrote:
> >>[...]
> >One technical approach is described in:
> >
> >"A Revocable Backup System", dabo at cs.princeton.edu (Dan Boneh) and
> >rjl at cs.princeton.edu (Richard J. Lipton) in The 6th USENIX Security
> >Symposium Proceedings.
> >
> >Basically the idea is to encrypt the file on the backup (tape) and then
> >lose the encryption key when you want to "forget" the file.
>
> Given that keys = data, this just transfers the problem from one set of
> data to another set of data. (Wanna bet a lot of ISPs would keep backups of
> the disk with the keys on it?)
They could always use public key crypto, and use the _user's_ public
key for the users data, then the ISP hasn't got the private key to
leave lying around, or to divulge in case of a supeona. The backups
are for the _users_ benefit so this puts the onus of key management of
encrypted backups where it belongs, with that user.
Of course, as Ray (?) pointed out, an ISP is going to translate this
into unnecessary complications, and won't bother unless someone offers
a service differentiated on this point, and this kind of service gets
popular.
I'm sure that this would be easy to implement with unix, a shell
script. If anyone wants one, I'll write it. (Just have a .pgp-backup
file containing a PGP public key in any directories you want encrypted
backups rather than clear backups, say)
Adam
[the rsa .sig just got smaller still]
--
#!/bin/perl -sisN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsjxII*op"
$/=unpack('H*',<>);print pack('C*',split('\D+',`echo 16i\U$k"SK$/SM$n\E$^I|dc`))
More information about the cypherpunks-legacy
mailing list