CDR: Re: Zero Knowledge changes business model (press release)
Tim May
tcmay at got.net
Tue Oct 31 14:57:43 PST 2000
At 5:14 PM -0500 10/31/00, Declan McCullagh wrote:
>I spent perhaps half an hour on the phone with Austin Hill this
>afternoon. Here's what we discussed.
>...
>* ZKS will offer to store keys. "That includes us holding encryption
>keys." Austin described the key-splitting the same way Adam has
>here. He refused to say whether or not a third-party (Joe's Escrow
>Service) would ever hold keys.
Except for the very specialized case of protecting against
loss/forgetting of passphrases and keys, it's hard to imagine how
Alice's privacy is ever enhanced by having a third party hold keys.
I'm assuming there's some byzantine protocol being planned in which
Alice's secrets (medical files, purchasing preferences, tax
information, etc.) are somehow distributed such that various
hospitals, insurance companies, etc., cannot link information to
Alice. A worthy research topic. But maybe a bit ambitious for a
start-up company with a (reportedly) high burn rate to be launching,
it seems to me.
If not this byzantine protocol, what? If Alice supplies personal
information to Bobco, he has it, period. A hospital, for example, has
this personal information. Hospitals leaking or selling or sharing
this information is indeed a pressing concern, but one not readily
solvable with technology. It's like the various schemes to delete
information before it can be saved to hard disk..these schemes just
don't work: if human eyes can see something, or if ears can hear it,
then cameras and sound capture cards and so on can bypass the
attempted erasures.
Likewise, if Bob's General Hospital knows who Alice is, then the game
is up. Period. Technology can't do much about it. Stuff about
splitting keys or having third parties involved just doesn't change
this basic ontological fact.
(There are, of course, cryptographically respectable protocols for
anonymous testing, for blinding of test results, etc. Some even use
coin-flipping protocols. But I gather that this is not the market ZKS
is seeking to enter.)
I look forward to hearing more from ZKS about what, exactly, this new
system is.
Much of the press release was typical press release junk about
privacy being important, corporations seeking to fully maximize their
paradigms, etc., etc. But some of it talked about key splitting and
local laws, which is usually worrisome to paranoid folks like us.
>
>* ZKS appears to be targeting heavily-regulated areas like medical
>and financial sectors. They will come in, set up a
>privacy-protective system, perhaps provide some ongoing service, and
>(if so) collect ongoing fees. In those cases, "a consumer solution
>like Freedom allowing anonymity doesn't fit that market."
"Collect ongoing fees."
I'm not knocking free enterprise, but there are often problems with
business plans which seek to find ways to collect fees.
The most successful companies I've seen have started with a product
idea, often already in prototype form (Cisco, Sun, Intel, Apple,
etc.) and have then gone very quickly into production. Having 100
engineers working on Freedom, as was claimed today, and yet having
essentially no users of Freedom nyms visible a year later, suggests...
And moving toward a vague focus on solving customer privacy problems...
Well, I have no reason to wish them poor luck. But it doesn't sound
too promising. I really do hope I'm wrong and that they provide
interesting products for customer privacy and do well with them.
>
>* Austin mentioned cell phones/wireless as a major area. He
>envisions services such as if you call 911, your info is revealed,
>but not when phoning other numbers.
A fair enough analogy. One worth pursuing. The whole CallerID
situation, and various state and national laws re; 9-1-1 services,
took years and years to unfold. I would expect the same thing with
online ordering, except that it will take even longer, IMO.
There are some interesting "credentials without identity" protocols
which desperately need to be implemented. An example: a credential
which someone can present to a pharmacist which allows a drug, e.g,
an AIDS drug, to be picked up...without revealing identity. Alas, so
many pieces need to be put together to do this that it seems almost
hopeless; certainly a startup company cannot afford to spend the many
years it would take to deploy this kind of system.
>
>* Tim below suggests that "Wouldn't a better approach be for Alice
>to protect her own privacy?" The answer, generally, is yes. I
>suspect the Brands patents can do much to that end. But Austin seems
>to be envisioning a market in which *some* third party in the
>transaction, be it a business, intermediary, or ZKS, possesses
>personal info about customers and only receives what is necessary.
The first level of protection is for Alice to reveal as little as she
wishes and to not trust others with information which may damage her.
So she should not give out her passwords over the phone, or online.
And she should not reveal her AIDS diagnosis by buying AIDS drugs at
her local pharmacy. And she should not be ordering books on
bomb-making and terrorism through Amazon.
However, once Alice has given Bob this damaging information, the jig
is up. Bob knows her passwords or her AIDS status or her preferences
in books, whatever. And Charles may know other things. And Dave still
other things.
Now, can any protocol stop Bob and Charles and Dave from pooling
their information they each have collected on Alice? Nope.
The point is to unlink Alice's identity with the items she purchases,
the medicines she needs, the books she buys. Which is why remailers,
digital cash, proxies, and suchlike are interesting.
Perhaps ZKS is planning to unveil robust versions of all of these
things. If so, I applaud them.
--Tim May
--
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
ComSec 3DES: 831-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets,
"Cyphernomicon" | black markets, collapse of governments.
More information about the cypherpunks-legacy
mailing list