[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

EDDB/RN



I don't know if anyone else has had this particular idea before,
but it might be worth some consideration.  I referred to it very
briefly in my posting on RemailerNet v0.2 (RN02).

Eric points out that users of remailer networks want to be able to
trust in silence as well as trust in delivery, and RN02 accordingly
specifies that messages should be erased immediately after
acknowledgement of delivery.

However, there should be a use for persistent store, for a remote
encrypted database accessible anonymously.

Everyone must have had this sort of experience: someone walks into
your office.  There is something on your desk that you would rather
this other person not see.  So you toss it into a drawer, to get it
out of sight.

Imagine that you are working on a document and someone walks into
your office.  Rather than tossing it into a drawer, you toss it to
Finland.

The document is sent encrypted.  (The storage facility also encrypts
it.)  When its receipt is acknowledged, your local copy is destroyed,
if you wish.  You can retrieve it in seconds from anywhere, providing
that the system supports the notion of an identify distinct from your
log-in address.

Ideally, the data is stored on a distributed data base, with some
redundancy in case one or more gateways go down, and with the data
striped across gateways, so that no one gateway has all of the
data.

Because the data is encrypted by you and encrypted by the EDDB,
it cannot be recovered by anyone without your cooperation.  If the
data is striped over a number of gateways (with, say, every first
byte here, the next byte there, the next byte at a third gateway,
and every fourth byte at a fourth gateway), it would take widespread
collusion even to recover a copy of the encrypted document.

Once you have such a system in place, you could then do interesting
things like storing a document in the EDDB, and selling it to
someone by selling him your passwords.

I also think that a very reliable version of this system could be
used to handle electronic cash (e$).
--
Jim Dixon