Squaring the Libertarian Circle

Howie Goodell goodell at mediaone.net
Wed Sep 12 21:23:53 PDT 2001


(sorry if this repeats; I posted it yesterday but didn't see
it.)

Yesterday's terrorist attacks could easily result in the
greatest assaults on freedom and privacy in America since
McCarthyism.  However they also represent an opportunity. 
My interest in crypto dates to David Chaum's August 1992
_Scientific American_ article, "Achieving Electronic
Privacy".  In it he offered a choice between two patterns in
which to pour the concrete of digital society:  base it on
identifying everyone, or on anonymous crypto credentials
using his blind signature algorithm.  The first pattern is
more obvious but destroys privacy and freedom; the second
can offer the same benefits while enhancing them.

Since 1992 we have traveled far down the first path, and
yesterday's events may ratchet us many steps further unless
we
offer a convincing alternative.  It is simple:  yes, we
could make our society much safer from terrorism by giving
police Gestapo surveillance authority, but Americans will
not tolerate it:  you will end up with some compromise that
is only half-secure (as well as half-free.)  Here are
protocols for much better security.  They involve private 
information, but people will accept them because 
they require the minimum loss of privacy.

What should we propose?  This group may be the world's best
source.  Better think fast, though; so we can offer them
widely before alternatives are rammed down our throats.

A few ideas to get the ball rolling:
 
Active privacy protection:
Collect the information a zealous G-man or Gestapo craves -
fingerprints, DNA, dossier, phone logs, etc., but encrypt
and
untraceably divide it through remailers in locations chosen
randomly by input from me and those collecting it.  As long
as I keep regularly anonymously authenticating myself, the
pieces can neither be located to destroy or compromise them,
or reunited.  If my transmissions stop for some period, say
because I blew myself up in a suicide attack, the different
providers send their pieces to the authorities and the game
is up.  I can assign a digital Power of Attorney or
inheritance for others to maintain my privacy when I can't,
but, if a grand jury investigating the plane I hijacked
publicly and legally indicts or subpoenas me (or the alias
under which I bought my plane ticket), they can broadcast a
code that retrieves some or all the data.  However their
actual locations are unknown:  if I set it up that way,
after some interval they also send it to my lawyer, a
selection of newspapers, etc.

Un-auditable taps:
Record full taps of all telephone and email conversations. 
Encrypt with multiple keys and/or divide the bits and store
with redundancy and active privacy protection in multiple
locations through remailers, as before.  The conversation
may only continue while the recording is anonymously proven
to be occurring.  During the statutory storage period, the
providers anonymously check one another, and regenerate in a
new randomly chosen location if one provider disappears.  On
the statutory expiration date, all the pieces do. 

Watchdog timer:
Like the processor in a control system, the computers of a
jet require regular interaction with their assigned,
authenticated, and conscious pilot.  Otherwise they announce
his incapacity to the world, and hand themselves over to
remote control from an authenticated ground controller. 
(Not necessarily blinded, but included because topical.)

Also, I have a few more related older ideas on my website
below.

Good luck!
Howie Goodell
-- 
Howie Goodell  hgoodell at cs.uml.edu  Pr SW Eng, WearLogic
Sc.D. Cand  HCI Res Grp  CS Dept  U Massachussets Lowell
http://people.ne.mediaone.net/goodell/howie
Dying is soooo 20th-century!   http://www.cryonics.org





More information about the cypherpunks-legacy mailing list