CDR: Re: Zero Knowledge changes business model (press release)

Tim May tcmay at got.net
Tue Oct 31 14:57:43 PST 2000


At 5:14 PM -0500 10/31/00, Declan McCullagh wrote:
>I spent perhaps half an hour on the phone with Austin Hill this 
>afternoon. Here's what we discussed.
>...
>* ZKS will offer to store keys. "That includes us holding encryption 
>keys." Austin described the key-splitting the same way Adam has 
>here. He refused to say whether or not a third-party (Joe's Escrow 
>Service) would ever hold keys.

Except for the very specialized case of protecting against 
loss/forgetting of passphrases and keys, it's hard to imagine how 
Alice's privacy is ever enhanced by having a third party hold keys.

I'm assuming there's some byzantine protocol being planned in which 
Alice's secrets (medical files, purchasing preferences, tax 
information, etc.) are somehow distributed such that various 
hospitals, insurance companies, etc., cannot link information to 
Alice. A worthy research topic. But maybe a bit ambitious for a 
start-up company with a (reportedly) high burn rate to be launching, 
it seems to me.

If not this byzantine protocol, what? If Alice supplies personal 
information to Bobco, he has it, period. A hospital, for example, has 
this personal information. Hospitals leaking or selling or sharing 
this information is indeed a pressing concern, but one not readily 
solvable with technology. It's like the various schemes to delete 
information before it can be saved to hard disk..these schemes just 
don't work: if human eyes can see something, or if ears can hear it, 
then cameras and sound capture cards and so on can bypass the 
attempted erasures.

Likewise, if Bob's General Hospital knows who Alice is, then the game 
is up. Period. Technology can't do much about it. Stuff about 
splitting keys or having third parties involved just doesn't change 
this basic ontological fact.

(There are, of course, cryptographically respectable protocols for 
anonymous testing, for blinding of test results, etc. Some even use 
coin-flipping protocols. But I gather that this is not the market ZKS 
is seeking to enter.)

I look forward to hearing more from ZKS about what, exactly, this new 
system is.

Much of the press release was typical press release junk about 
privacy being important, corporations seeking to fully maximize their 
paradigms, etc., etc. But some of it talked about key splitting and 
local laws, which is usually worrisome to paranoid folks like us.

>
>* ZKS appears to be targeting heavily-regulated areas like medical 
>and financial sectors. They will come in, set up a 
>privacy-protective system, perhaps provide some ongoing service, and 
>(if so) collect ongoing fees. In those cases, "a consumer solution 
>like Freedom allowing anonymity doesn't fit that market."

"Collect ongoing fees."

I'm not knocking free enterprise, but there are often problems with 
business plans which seek to find ways to collect fees.

The most successful companies I've seen have started with a product 
idea, often already in prototype form (Cisco, Sun, Intel, Apple, 
etc.) and have then gone very quickly into production. Having 100 
engineers working on Freedom, as was claimed today, and yet having 
essentially no users of Freedom nyms visible a year later, suggests...

And moving toward a vague focus on solving customer privacy problems...

Well, I have no reason to wish them poor luck. But it doesn't sound 
too promising. I really do hope I'm wrong and that they provide 
interesting products for customer privacy and do well with them.

>
>* Austin mentioned cell phones/wireless as a major area. He 
>envisions services such as if you call 911, your info is revealed, 
>but not when phoning other numbers.

A fair enough analogy. One worth pursuing. The whole CallerID 
situation, and various state and national laws re; 9-1-1 services, 
took years and years to unfold. I would expect the same thing with 
online ordering, except that it will take even longer, IMO.

There are some interesting "credentials without identity" protocols 
which desperately need to be implemented. An example: a credential 
which someone can present to a pharmacist which allows a drug, e.g, 
an AIDS drug, to be picked up...without revealing identity. Alas, so 
many pieces need to be put together to do this that it seems almost 
hopeless; certainly a startup company cannot afford to spend the many 
years it would take to deploy this kind of system.


>
>* Tim below suggests that "Wouldn't a better approach be for Alice 
>to protect her own privacy?" The answer, generally, is yes. I 
>suspect the Brands patents can do much to that end. But Austin seems 
>to be envisioning a market in which *some* third party in the 
>transaction, be it a business, intermediary, or ZKS, possesses 
>personal info about customers and only receives what is necessary.

The first level of protection is for Alice to reveal as little as she 
wishes and to not trust others with information which may damage her. 
So she should not give out her passwords over the phone, or online. 
And she should not reveal her AIDS diagnosis by buying AIDS drugs at 
her local pharmacy. And she should not be ordering books on 
bomb-making and terrorism through Amazon.

However, once Alice has given Bob this damaging information, the jig 
is up. Bob knows her passwords or her AIDS status or her preferences 
in books, whatever. And Charles may know other things. And Dave still 
other things.

Now, can any protocol stop Bob and Charles and Dave from pooling 
their information they each have collected on Alice? Nope.

The point is to unlink Alice's identity with the items she purchases, 
the medicines she needs, the books she buys. Which is why remailers, 
digital cash, proxies, and suchlike are interesting.

Perhaps ZKS is planning to unveil robust versions of all of these 
things. If so, I applaud them.


--Tim May

-- 
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
ComSec 3DES:   831-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
"Cyphernomicon"             | black markets, collapse of governments.





More information about the cypherpunks-legacy mailing list