BlackNet as a Data Haven/Vault

[tcmay@netcom.com (Timothy C. May)]

wcs@anchor.ho.att.com wrote:
> 
> Tim and Eric write things like:
> > I fully concur.  The connotations of the word "haven" imply activities
> > that ordinary people don't see themselves doing.  This means that
> > ordinary people won't generally use something called a "haven", even
> > if they might use exactly the same service called something else.
> 
> We can always call them "Private Storage Servers" or some such;
> an interesting question is whether the main uses will be
> for retrieval by the storer, or by someone else, or by a bunch of others,
> and how we describe the service may affect that.

To coin a phrase, I fully concur. A taxonomy of services like this is
needed.

I was talking to some recently about dat havens/vaults/U-STOR-ITs, and
it was once again clear that our language is imprecise. Also, that who
the probably customers are, and how much they'll be willing to pay, is
unclear.

The "U-STOR-IT" model, similar to train lockers, safe deposit boxes,
storage lockers, etc., is fairly well protected, legally and socially.
Even though illegal things are often stored in such places, they
haven't been banned. (And last time I was in Europe, train lockers
were ubiquitously used, even in these terrorist times.)

But make the storgage locker accessible to many people, and watch what
happens. (I can't recall a good case on this, but I'm sure such "dead
drops" would not go unscathed.)

For example, the U-STOR-IT model applied to data is already common:
remote backups, courier services that pick up DAT backups everyday,
etc.

But announce a site is for the anonymous storage and retrieval of
files, a la storing commerical software, and watch for fireworks! (The
recent outcome in the LaMacchia case notwithstanding....)

Of course placing such sites outside the U.S. is one approach. Placing
them at the end--or somewhere-- of a chain of remailers is another
approach. The message pool approach used for BlackNet says that the
site need not even be traceable: just encrypt once or twice (once to
keep the contents secret, another to encrypt to BlackNet's public key)
and put it into a message pool or other publically readable place.
Then BlackNet grabs it, untraceably, and decrypts it, extracts its
digital money storage fee, and holds the file. When a suitably-signed
"storage receipt" is posted publically, BlackNet encrypts the file to
the public key provided, and posts the file.

Simple, eh? (Newcomers are likely to ask at this point: "But what's to
keep BlackNet from cashing the digital money and then not sending the
file out?" First, the encrypted data is of no use to BN, so the
marginal value to them is nil. Second, potential customers will likely
test the service with dummy files, etc. Third, reputations do matter.)

But of course the taxonomy needs to be done by anybody seriously
planning such a thing, and careful analysis of weaknesses and attacks
should be done.

(By the way, I've been remiss in not congratulating relative newcomer to
the list, Wei Dai, for his insightful work on traffic analysis of
remailers. It's the kind of work Hal Finney and Matt Blaze, and
others, have long been doing, and I find it very encouraging. I'm not
trying to sound judgmental here, just saying some of us appreciate
this kind of detailed analysis. Much more is needed.)

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay