"Passive Blackmail" - Does this kind of application exist?
mixter at 2xs.co.il
mixter at 2xs.co.il
Sun Nov 11 06:35:03 PST 2001
I've been thinking about a certain kind of distributed application
involving cryptography, and I wondered if anything like this exists,
and if not, at least any accepted cryptographic method for doing this:
Suppose a scenario in which an individal has knowledge or substantial
suspicion that another person, group, or state are interested in
letting him have an accident or otherwise making him disappear.
Now, that individual could have generally important information, evidence
about exactly that plot, or other evidence or black-mail material
against those people who potentially harbor these intentions against him.
In this scenario, the kind of application I'm thinking of would allow
that individual to record all of his important information, encrypt
it, and post multiple copies to a decentralized network of cyberspace
sites, ideally anonymously (perhaps like freenet, with the big problem
that freenet and similar solutions provide no guarantee for that
information to remain there indefinitely).
Now the key part which is somewhat harder: it should only be possible
to decrypt that information for any third party in the case anything
really happens to that individual (prison, death, disappearance, ...).
There must be a system in which the individual must regularly visit
sites on a decentralized network and perform some (pseudonymous)
action of self-authentication that proves he's still there, and that
therefore the decryption key should not yet be released.
I presume that the most viable route to do this would be via decentralized
escrow of the encryption key for the information, i.e. you split the
key in three parts and provide multiple copies of each key to different
decentralized nodes or parties, while you need to make sure that no
party ever gets all three parts of the key. Only if you don't perform
a regular authentication (because you disappeared), any three parties
who together have your key will receive information about each other,
reassemble the key, fetch your decentrally stored ciphertext and
decrypt it, then posting it on the web or sending it to the media
or friends, or whatever.
I admit this system is a little complicated, but I think it would be
the only viable method of making sure information in this scenario is
kept intact, and at the same time only available when that individual
owning the information stops regularly affirming that he is still alive.
This may sound a bit paranoid at first, but it is a real important
application for which many people could have a real interest, which
could even help individuals provide some incentive for criminal/
intelligence/whatever groups to leave them alone, a "Passive Blackmail",
if you want. Taking a look at recent history, the disappearing or
otherwise strange death of hackers and other geeks and politically
active figures isn't a very rare occurrence...
So thanks in advance for any information you might have about this.
--
---------------------------
Mixter
Development/Consulting
2xs LTD. - http://2xss.com
Tel: +972-9-9519980
Fax: +972-9-9519982
Mail: mixter at 2xss.com
More information about the cypherpunks-legacy
mailing list