[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: How do I know if its encrypted?
At 10:52 AM 1/13/95, Eric Hughes wrote:
> From: [email protected]
>
> Here's a solution:
>
>What problem, pray tell, does this solve?
That of the data haven operator being able to deny knowledge of the
contents of files people send him. He'll only return files that, when
operated on by a strong cryptographic algorithm, make sense. He therefore
can't look inside the files until the owner asks for them back. If he
operates a timely (and automated) service, he can't know the contents until
after he's already sent the file back. If the server automatically deletes
the file upon return, he can't even tell what's in it then.
Further, an "authority" won't gain anything by seizing the data.
>It seems far more
>complicated than it need be.
As best I can tell, none of the previous suggestions guarantees that the
file is unreadable. How would you accomplish that in a simpler manner? Or
would you, as the operator of a data haven, not mind the risk of somebody
designing an illegal file that passes all your filters and tipping off the
police that you've got such a file on your computer, available to all--for
sale, even?
If there were a weakness in your filter, somebody could easily exploit that
weakness and get the use of your haven. With my system, they could send you
anything they liked, but it'd be little more than a cash donation, as
they'd never get it back. Your liability would be the same as if the person
had just emailed you the file and blew the whistle.
> Alice sends a file to Dave's DataHaven. When Alice wants her file back, she
> sends to Dave a secure hash of the file, a key with which to decrypt it,
> and a handful of plaintext at the beginning of the file. Dave decrypts the
> file that matches the hash with the key Alice gave him; if the file begins
> as Alice says it should, Dave returns the file to Alice.
>
>Eric
b&
--
[email protected], Arizona State University School of Music
Finger [email protected] for PGP public key ID 0xCFF23BD5.