Date: Fri, 18 Mar 94 07:07:06 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V4#043
Computer Privacy Digest Fri, 18 Mar 94 Volume 4 : Issue: 043
Today's Topics: Moderator: Leonard P. Levine
Re: Time Magazine on Clipper
Network Security
Re: Video tape rental records
Re: Video tape rental records
Re: Video tape rental records
Video Privacy
Flaw in Word for Windows
Phone Book Pseudonyms
Highly Efficient Electronic Cash Systems
The Computer Privacy Digest is a forum for discussion on the effect
of technology on privacy. The digest is moderated and gatewayed into
the USENET newsgroup comp.society.privacy (Moderated). Submissions
should be sent to comp-privacy@uwm.edu and administrative requests
to comp-privacy-request@uwm.edu. Back issues are available via
anonymous ftp on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp"
with password "yourid@yoursite". The archives are in the directory
"pub/comp-privacy". Archives are also held at ftp.pica.army.mil
[129.139.160.133].
----------------------------------------------------------------------
From: jrbd@craycos.com (James Davies)
Date: 15 Mar 94 17:03:23 MST
Subject: Re: Time Magazine on Clipper
mea@intgp1.att.com writes:
>If all the government is doing is taking a marketing approach with this
>Clipper chip technology, what's all the fuss? By simply adding another
>layer of encryption on top of Clipper will defeat its backdoor and
>threats from snooping.
The government has stated that they will only allow the Clipper chip to
be sold to makers of approved products. This means that any telephone
that adds an extra layer of encryption outside the Clipper-to-Clipper
interface probably won't be allowed.
Of course, if the extra encryption layer is added between the handset
and the telephone there probably won't be anything they can do about
it, unless they're also going to forbid modular phone plugs on handset
cords.
------------------------------
From: "Mike Gadda" <GADDAM@columbia.dsu.edu>
Date: 15 Mar 1994 18:55:09 CST
Subject: Network Security
Organization: Dakota State University
I'm kind of new here. In fact this is my first post. I was wondering
in any of you have had network security problems in the past? My
university has a Novell Network and last year someone bugged the whole
campus with a program called Lan Assist Plus. This program allows
*anyone* to mess with what others are doing by having another persons
screen captured on there own. The person being watched has no idea.
This person can be rebooted or messed with by unwanted keystrokes. I
couldn't believe it myself when I first saw it. I wonder if Novell
anticipated this problem when creating their networks. In fact I think
it is standard with their utilities. Without a doubt I'd say this is
an invasion of privacy. Someone in their dorm room can watch an entire
lab of computers somewhere else on campus. I must say this is very
impressive, but man, they don't tell anyone about it's existance.
Anyone else had experiences with programs like this?
Another breach of security that has gone around on my campus is a
program called keycopy. Keycopy is a memory resident program that
keeps track of every keystroke and writes it to a file on the C: drive
every few minutes. I couldn't believe it that this program was on a
server available to everyone. This is an incredibly easy way for
someone to get passwords.
I'm interested in getting the addresses of other computer mailing lists
if anyone has them. I'm writing a paper and need info on piracy and
viruses. Thanx!
------------------------------
From: eck@panix.com (Mark Eckenwiler)
Date: 15 Mar 1994 18:52:31 -0500
Subject: Re: Video tape rental records
Organization: Superseding Information, Inc.
O1EVERT@vm1.CC.UAKRON.EDU sez: I remember hearing that a court
order is required to obtain video tape rental records. (Why
someone would want these records is beyond me!)
If this is true - is this a federal law?
Yes. See 18 USC sec. 2710. The law was passed in 1988, largely as a
consequence of the Washington, DC _City Paper_'s obtaining and
describing in print Judge Bork's rental records.
------------------------------
From: coats@cardinal.ncsc.org (Carlie Coats)
Date: 16 Mar 1994 14:00:15 GMT
Subject: Re: Video tape rental records
Organization: North Carolina Supercomputing Center
O1EVERT@vm1.CC.UAKRON.EDU (Tom Evert) writes: I remember hearing
that a court order is required to obtain video tape rental
records. (Why someone would want these records is beyond me!)
If this is true - is this a federal law?
Yep! After those congress-critters tried to attack Robert Bork that
way (and all they discovered was old John Wayne movies), they decided
that they had better put a stop to such practices--they might be borked
themselves!
------------------------------
From: chi@netcom.com (Curt Hagenlocher)
Date: 16 Mar 1994 14:50:24 GMT
Subject: Re: Video tape rental records
Organization: NETCOM On-line Communication Services (408 241-9760 guest)
O1EVERT@vm1.CC.UAKRON.EDU (Tom Evert) writes: I remember hearing
that a court order is required to obtain video tape rental
records. (Why someone would want these records is beyond me!)
Some of the folks in Congress were a little worried about what their
constituents might say if they became acquainted with the representative's
viewing habits.
This is a federal law.
------------------------------
From: herronj@MAIL.FWS.GOV
Date: 16 Mar 94 12:02:03 MST
Subject: Video Privacy
Tom writes: I remember hearing that a court order is required to
obtain video tape rental records. (Why someone would want these
records is beyond me!) If this is true - is this a federal law?
I don't know if it is federal law but I would hope people could see the
importance of keeping these records private. Besides the fact these
records contain peoples home addresses, phone numbers, and often credit
card information, they also contain a record of videos rented. There
are a lot of religious groups that would love to try to turn these
people around. There are also a lot of weirdoes out there who think it
is there job to save the world from people like this. Or how about
looking up only women who had rented adult videos, to someone with a
sick mind this is like an open invitation.
Today's society grudgingly accept adult video rentals to be legal and
somewhat acceptable. But there is no telling what future governments
may decide. It may very well be that some state legislature may make
it a crime to possess adult related material in homes where children
are present. This with the good intention of insuring that children do
not accidently come in contact with it. Of course it should be the
parents job to keep this material out of their childrens hands but the
government is always interfering with how we raise our children.
Now the police would use this law to find out everyone who has rented
both adult videos and childrens videos. It would then be very easy to
cross reference this information with school records and arrest
everyone with children who rented the adult videos. This is not
information I want to be in the polices hands anyway. But then I don't
want them to be able to get library check out information either.
------------------------------
From: "Professor L. P.Levine" <levine@cs.uwm.edu>
Date: 17 Mar 94 15:25:32 CST
Subject: Flaw in Word for Windows
In an article titled FLAW FOUND IN WORD FOR WINDOWS PROGRAM The N.Y.
Times recently published a report describing how Microsoft Word for
Windows has a flaw that can allow the readers of documents to retrieve
material that the writer had deleted.
In this report Fred Langa, the editorial director of Windows Magazine,
states in the May issue that under some circumstances, recipients of a
file sent by E-mail or disk or shared on a network "still may be able
to read at least some of your original, raw remarks."
He states that if the "Prompt for Summary Info" item in the Tools menu
is turned off, and the "Allow Fast Saves" feature is turned on (the
default settings for the program) and if the file is then viewed with a
generic text program, such as the included Notepad, some or all of the
deleted material will be shown.
The article then states that Dean Hoshizaki, a software test engineer
at Microsoft Corp. in Redmond, Wash., said that the company had
received only positive comments about the feature, which was intended
automatically to save the title or other key words placed at the
beginning of a document.
With this report from the Times it is clear that the privacy of your
work and thoughts are intruded upon by this feature. This is about as
devastating as the UNDELETE and UNFORMAT capabilities in DOS, added to
help users but sometimes used to look at what was on an earlier version
of what you had sent to a user.
------------------------------
From: dwn@dwn.ccd.bnl.gov (Dave Niebuhr)
Date: 15 Mar 94 19:20:15 EST
Subject: Phone Book Pseudonyms
michael@stb.info.com (Michael Gersten) writes:
Some years ago, in order to protect my privacy, I registered my
phone under the name "Mehitabel DeCatte" (pronounced
"Mehitabel the cat"). Having such a "nom de phone" was legal
and was cheaper than having an unlisted number. Our cat,
Mehitabel, did live at our residence with
Ok, for all of you who do something like this, how?
When I tried to get a different name for my phone, I was told it
wasn't possible. They wanted either my Soc Sec Number, which I
wouldn't give out, or my drivers license, presented in person, so
that they could verify my identity.
They wouldn't let me use a fake name, and in fact, I asked
directly, and was told it wasn't possible.
I have my phone listed under a fictious name and the phone company
(NYTel/NYNEX) didn't blink an eye. The only thing I had to do was to
make sure that it was an unreasonable one such as John Doe, Richard
Roe; it had to be reasonable sounding.
However, I checked my phone book and found lots of John Doe's ...
------------------------------
From: Stefan.Brands@cwi.nl (Stefan Brands)
Date: 17 Mar 1994 20:51:09 GMT
Subject: Highly Efficient Electronic Cash Systems
Organization: CWI, Amsterdam
Subject: -------
seeking interested parties for implementing, and sharing the rights
to, my technologies for privacy-protected electronic transfer of
certified information.
****
I am a PhD student at the Cryptography Department at the Center for
Mathematics and Computer Science (CWI) in Amsterdam. In the past two
years, I have developed a compact set of new techniques that enable the
construction of highly efficient and secure electronic systems for
off-line transfer of certified information, such that privacy is fully
guaranteed. The resulting systems offers a great many advantages over
any other privacy-protected systems you will find. In particular, using
a subset of these techniques I have contructed off-line electronic cash
systems in which the privacy of the account holders is fully
guaranteed. An independent authority in the field of cryptology has
recently confirmed that these systems seem to be the most practical
such systems to date.
I am posting this letter because I am very interested in pursuing the
implementation of my systems *jointly*, in a fair business
relationship, with a company capable of and interested in standardizing
these systems. My technologies / ystenms are ideally suitable for smart
cards, hand held computers, interactive TV, etcetera. All the rights to
the technology have been transferred to me by CWI, and so part of such
a cooperation would be *joint ownership of all rights*.
The reason for posting this letter in a news group is that I see *no*
other way to get in touch with interested parties. Before I go deeper
into this, I would like to give you some more information about my
technologies, and explain their many features. If you are not
interested, but think you can help me by suggesting names etc.\, I
would appreciate your suggestions.
Privacy-protected transfer of electronic information.
-----------------------------------------------------
Much work has been done to construct privacy-protected off-line cash
systems previously, notably by David Chaum (formerly affiliated with
CWI). This early work has resulted in two key concepts that can be
used to attain the same level of security against double-spending as
can trivially be attained in off-line cash systems with full
traceability of payments. However, the many practical *realizations*
of these concepts that have been proposed are far from satisfactory
with respect to efficiency, provability of security (relative to
certain well-known problems that are widely believed to be
intractable), and extensibility in functionality.
The new techniques I developed for my PhD thesis overcome *all* of
these problems. They enable the construction of privacy-protected
off-line cash systems that are almost as efficient as off-line cash
systems that do *not* offer privacy. Succesful attacks against such a
system provably imply that one can break a certain well-known signature
scheme that is widely believed to be secure (such as the Schnorr
scheme, the Guillou/Quisquater scheme, the schemes presented by Okamoto
at CRYPTO 92, the Fiat/Shamir scheme etc.). The techniques in fact
allow the construction of a highly efficient off-line cash system whose
security (and that of all the extensions in functionality!) is based on
the security of any one signature scheme of the so-called Fiat/Shamir
type.
Among the extensions in functionality are: prior restraint of
double-spending, electronic cheques, protection against framing,
currency exchange, anonymous accounts, and multi-spendable coins. All
these extensions can be realized very easily without any need for
additional data stuctures or basic algorithms (that is, *no* ad hoc
constructions). In particular, prior restraint of double-spending can
be achieved by using a tamper-resistant computing device that is
capable of merely performing a signature scheme of the Fiat/Shamir type
(of one's own choice), such as the Schnorr signature scheme.
A highly preliminary report about a small subset of these techniques,
based on the Discrete Logarithm problem, has been published by me about
a year ago as a technical report at CWI. (A PostScript version of this
report can be retrieved by ftp from ftp.cwi.nl, as
pub/brands/CS-R9323.ps.).
In August 1993 I presented these preliminary results at the CRYPTO 1993
conference in Santa Barbara. The final version of this abstract can
also be retrieved by ftp from ftp.cwi.nl, as pub/brands/crypto93.ps.
It's succesful acceptance can be measured by the fact that the results
in the report are currently being used as the basis for a cash system
by the European CAFE project, a project with 13 European partners from
industry and science. I understand that some other implementations
based on my report are under way as well.
New developments.
-----------------
In the mean time, however, I have significantly improved and *greatly*
extended the techniques described in the preliminary report.
Furthermore, I came up with a fully RSA-based variant that offers
various advantages over the Discrete Log based variant.
Contrary to the description in the preliminary report, the improved
techniques allow the construction of withdrawal protocols for which it
can rigorously be proven that the aforementioned attack to the
withdrawal protocol is as hard as breaking a well-known signature
scheme, and the efficiency of the system increases by a factor of two
(a factor not to be neglected, especially not in case such a system is
implemented using smart card technology!).
As an interesting side note, the improved techniques do *not* use the
blind signature technique as developed and patented by David Chaum.
The full set of techniques can be used to construct highly efficient
privacy-protected off-line mechanisms for transferring certified
information, the security of which again can be *proven* assuming only
the security of a certain well-known signature scheme of the
Fiat/Shamir type of one's own choice. The off-line cash systems are in
fact just one very particular instance of the general applicability of
the complete set of techniques; it is a system in which credentials
that may be shown only once can be transferred between any
``organizations'' while privacy is guaranteed. As an example of the
usefulness of the new techniques, highly efficient and secure off-line
cash systems can be constructed in which payments are made under
pseudonym: in order to pay with a coin, an accountholder need do no
more than send 35 bytes to an ``organization'' at which he has a
pseudonym.
For those who want to know in detail about the *many* features of the
new techniques, as well as the performance of several preferred
embodiments of systems that can be contructed from them, I have
prepared a document that can be retrieve by ftp from ftp.cwi.nl, again
in the directory pub/brands. There is a PostScript version called
features.ps, as well as a plain text version called features.plain.
Why am I posting this letter?
-----------------------------
As I already mentioned at the start of this letter, I am very
interested in pursuing the implementation of my systems *jointly*, in a
fair business relationship, with a company capable of and interested in
standardizing these systems. I am in the process of finishing my PhD
thesis, which deals exclusively with these technologies. If you have
read the detailed description of the features in my ``features''
document, then I have no doubt that you will agree with me that these
systems offer a *great* many advantages over any other
privacy-protected system for off-line transfer of digital information.
In general, if you want to implement electronic systems for secure
transfer of certified information, whether it be cash or other types of
credentials, such that privacy can be guaranteed, then you will find
out that this is *the* way to go.
I am *not* involved with any project or company whatsoever. In
particular, I want like to point out that I am *not* involved in the
CAFE project, and I also do *not* have business relations with the
company (DigiCash) of David Chaum, although I greatly respect his
innovative work on privacy-protected transfer of electronic
information. In fact, *all* rights on my technologies have been
transferred to me by my employee, CWI.
Due to the fact that my research was done independently of any project
or company, it is extremely hard for me to get in touch with the
appropriate persons at companies that are really interested in this
technology *and* that have the capability of implementing it. Since
projects and companies that I am not part of obviously do not provide
me with such information, I see no better way to bring my technologies
under the attention than by publishing this letter on the news net.
If you are interested in my technologies, and want to pursue
implementation together with me in the *near* future, I invite you to
contact me. We can then discuss things further. Part of such a
cooperation would be that *sharing* with me the rights to my
technologies.
My fax number is
(31) 30 - 546 468
This is also my telephone number; however, I would prefer if you send
fax or e-mail. My e-mail address at CWI is brands@cwi.nl.
In case you are interested in having my work reviewed beforehand by
some cryptography authority, to make sure I am not talking nonsense, I
am happy to send to you a detailed description of my work. I guarantee
you that he or she will *not* be able to break it, and will confirm the
many statements I make about the benefits of my technologies. In
addition, or alternatively, depending on the circumstances, I am happy
to come over and explain my technologies in person with you.
Alternatively, if you or your company is not interested in my
technologies, but you think you can help me with pointers to persons
at companies that might be interested in this technology, I would very
much appreciate any such suggestions.
------------------------------
End of Computer Privacy Digest V4 #043
******************************
.