USA PATRIOT Act Survives Amendment Attempt (fwd from brian-slashdotnews at hyperreal.org)
alan
alan at clueserver.org
Fri Jul 9 14:13:49 PDT 2004
On Fri, 9 Jul 2004, Thomas Shaddack wrote:
>
> On Fri, 9 Jul 2004, Steve Schear wrote:
>
> > Quite a few book stores (including the local Half-Priced Books) now keep no
> > records not required and some do not even automate and encourage their patron
> > to pay cash. In California book sellers to such used/remaindered stores must
> > identify themselves for tax purposes.
>
> The Patriot gag orders lead me to a thought.
>
> Is it possible to write a database access protocol, that would in some
> mathematically bulletproof way ensure that the fact a database record is
> accessed is made known to at least n people? A way that would ensure that
> either nobody can see the data, or at least n people reliably know the
> record was accessed and by whom?
>
> When somebody comes with a paper and asks for the data, the one currently
> in charge of the database has to give them out, and may be gag-ordered.
> However, when way too many people know about a secret, which the protocol
> should ensure, it's better chance it leaks out, and less likely to
> identify the one person responsible for the leak, who could be jailed
> then. Especially when at least one of n is outside of the reach of the
> paws of the given jurisdiction.
>
> The question is this: How to allow access to a specific file/db record in
> a way that it can't be achieved without a specified list of parties (or,
> for added system reliability, at least m of n parties) reliably knowing
> about who and when accessed what record? With any attempt to prevent the
> parties from knowing about the access leading to access failure?
>
> Note a peculiarity here; we don't ask for consent of the parties (that
> would be a different threat-response model), we only make sure they know
> about it. (We can deny the access, when at least (n-m)+1 parties refuse to
> participate, though.)
That would crash the system.
More information about the cypherpunks-legacy
mailing list