[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: exporting signatures only/CAPI (was Re: Why not PGP?)




Steve Schear <[email protected]> writes:
> On a related note:
> 
> I've been charged with developing an Internet service which needs to assure
> its clients of anonymity.  However, we fear some clients may abuse the
> service and we wish to prevent the abusers from re-enrollment if
> terminated for misbehavior. (In your example, it would be the person(s)
> trying to discover the service host via flood).

Chaum's DC net solves flood problems.  However it itself has high
bandwidth requirements.  Also you need to do something about denial of
service attacks.  There are algorithms to detect disrupters.

> >Of course Ross Anderson's `eternity service' provides the general case
> >solution for distribution of such data.  It is complex to implement
> >well though.
> 
> I've never heard of the eternity service.  Where can I get more information?

Ross Andersion's www page is:

	http://www.cl.cam.ac.uk/~rja14/

he has a collection of postscript files for published and to be
published papers, eternity service is one of them.

You might find Matt Blaze's netescrow interesting also, and related:

	ftp://ftp.research.att.com/dist/mab/netescrow.ps

> BTW, would Eric Hughes' Universal Piracy System also solve such a
> situation, by distributing or parking snippets of encrypted file
> data across many 'cooperating' ftp (or whatever access/storage
> mechanism) sites.

Sounds similar to eternity.  It involves splitting the data over many
sites in many jurisdictions.  Is a UPS description available on www?

> Perhaps the negative authentication approach would help here too by
> preventing flood/denial of service attacks against the 'key' sites.
> If only snippets of encrypted data are stored on any one host it
> might make the SPA's goal even more elusive legally.

Eternities approach is to place sites in different jurisdictions, and
to arrange so that the sites themselves don't know what data the parts
of which they are serving.  (Removes the knowledge of what is being
distributed, which seems to be an element of the legal concept of
contributory infringement, as explained by Greg Broiles).

Adam
--
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`