Date: Fri, 18 Mar 94 07:07:06 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V4#043 Computer Privacy Digest Fri, 18 Mar 94 Volume 4 : Issue: 043 Today's Topics: Moderator: Leonard P. Levine Re: Time Magazine on Clipper Network Security Re: Video tape rental records Re: Video tape rental records Re: Video tape rental records Video Privacy Flaw in Word for Windows Phone Book Pseudonyms Highly Efficient Electronic Cash Systems The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. Back issues are available via anonymous ftp on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password "yourid@yoursite". The archives are in the directory "pub/comp-privacy". Archives are also held at ftp.pica.army.mil [129.139.160.133]. ---------------------------------------------------------------------- From: jrbd@craycos.com (James Davies) Date: 15 Mar 94 17:03:23 MST Subject: Re: Time Magazine on Clipper mea@intgp1.att.com writes: >If all the government is doing is taking a marketing approach with this >Clipper chip technology, what's all the fuss? By simply adding another >layer of encryption on top of Clipper will defeat its backdoor and >threats from snooping. The government has stated that they will only allow the Clipper chip to be sold to makers of approved products. This means that any telephone that adds an extra layer of encryption outside the Clipper-to-Clipper interface probably won't be allowed. Of course, if the extra encryption layer is added between the handset and the telephone there probably won't be anything they can do about it, unless they're also going to forbid modular phone plugs on handset cords. ------------------------------ From: "Mike Gadda" Date: 15 Mar 1994 18:55:09 CST Subject: Network Security Organization: Dakota State University I'm kind of new here. In fact this is my first post. I was wondering in any of you have had network security problems in the past? My university has a Novell Network and last year someone bugged the whole campus with a program called Lan Assist Plus. This program allows *anyone* to mess with what others are doing by having another persons screen captured on there own. The person being watched has no idea. This person can be rebooted or messed with by unwanted keystrokes. I couldn't believe it myself when I first saw it. I wonder if Novell anticipated this problem when creating their networks. In fact I think it is standard with their utilities. Without a doubt I'd say this is an invasion of privacy. Someone in their dorm room can watch an entire lab of computers somewhere else on campus. I must say this is very impressive, but man, they don't tell anyone about it's existance. Anyone else had experiences with programs like this? Another breach of security that has gone around on my campus is a program called keycopy. Keycopy is a memory resident program that keeps track of every keystroke and writes it to a file on the C: drive every few minutes. I couldn't believe it that this program was on a server available to everyone. This is an incredibly easy way for someone to get passwords. I'm interested in getting the addresses of other computer mailing lists if anyone has them. I'm writing a paper and need info on piracy and viruses. Thanx! ------------------------------ From: eck@panix.com (Mark Eckenwiler) Date: 15 Mar 1994 18:52:31 -0500 Subject: Re: Video tape rental records Organization: Superseding Information, Inc. O1EVERT@vm1.CC.UAKRON.EDU sez: I remember hearing that a court order is required to obtain video tape rental records. (Why someone would want these records is beyond me!) If this is true - is this a federal law? Yes. See 18 USC sec. 2710. The law was passed in 1988, largely as a consequence of the Washington, DC _City Paper_'s obtaining and describing in print Judge Bork's rental records. ------------------------------ From: coats@cardinal.ncsc.org (Carlie Coats) Date: 16 Mar 1994 14:00:15 GMT Subject: Re: Video tape rental records Organization: North Carolina Supercomputing Center O1EVERT@vm1.CC.UAKRON.EDU (Tom Evert) writes: I remember hearing that a court order is required to obtain video tape rental records. (Why someone would want these records is beyond me!) If this is true - is this a federal law? Yep! After those congress-critters tried to attack Robert Bork that way (and all they discovered was old John Wayne movies), they decided that they had better put a stop to such practices--they might be borked themselves! ------------------------------ From: chi@netcom.com (Curt Hagenlocher) Date: 16 Mar 1994 14:50:24 GMT Subject: Re: Video tape rental records Organization: NETCOM On-line Communication Services (408 241-9760 guest) O1EVERT@vm1.CC.UAKRON.EDU (Tom Evert) writes: I remember hearing that a court order is required to obtain video tape rental records. (Why someone would want these records is beyond me!) Some of the folks in Congress were a little worried about what their constituents might say if they became acquainted with the representative's viewing habits. This is a federal law. ------------------------------ From: herronj@MAIL.FWS.GOV Date: 16 Mar 94 12:02:03 MST Subject: Video Privacy Tom writes: I remember hearing that a court order is required to obtain video tape rental records. (Why someone would want these records is beyond me!) If this is true - is this a federal law? I don't know if it is federal law but I would hope people could see the importance of keeping these records private. Besides the fact these records contain peoples home addresses, phone numbers, and often credit card information, they also contain a record of videos rented. There are a lot of religious groups that would love to try to turn these people around. There are also a lot of weirdoes out there who think it is there job to save the world from people like this. Or how about looking up only women who had rented adult videos, to someone with a sick mind this is like an open invitation. Today's society grudgingly accept adult video rentals to be legal and somewhat acceptable. But there is no telling what future governments may decide. It may very well be that some state legislature may make it a crime to possess adult related material in homes where children are present. This with the good intention of insuring that children do not accidently come in contact with it. Of course it should be the parents job to keep this material out of their childrens hands but the government is always interfering with how we raise our children. Now the police would use this law to find out everyone who has rented both adult videos and childrens videos. It would then be very easy to cross reference this information with school records and arrest everyone with children who rented the adult videos. This is not information I want to be in the polices hands anyway. But then I don't want them to be able to get library check out information either. ------------------------------ From: "Professor L. P.Levine" Date: 17 Mar 94 15:25:32 CST Subject: Flaw in Word for Windows In an article titled FLAW FOUND IN WORD FOR WINDOWS PROGRAM The N.Y. Times recently published a report describing how Microsoft Word for Windows has a flaw that can allow the readers of documents to retrieve material that the writer had deleted. In this report Fred Langa, the editorial director of Windows Magazine, states in the May issue that under some circumstances, recipients of a file sent by E-mail or disk or shared on a network "still may be able to read at least some of your original, raw remarks." He states that if the "Prompt for Summary Info" item in the Tools menu is turned off, and the "Allow Fast Saves" feature is turned on (the default settings for the program) and if the file is then viewed with a generic text program, such as the included Notepad, some or all of the deleted material will be shown. The article then states that Dean Hoshizaki, a software test engineer at Microsoft Corp. in Redmond, Wash., said that the company had received only positive comments about the feature, which was intended automatically to save the title or other key words placed at the beginning of a document. With this report from the Times it is clear that the privacy of your work and thoughts are intruded upon by this feature. This is about as devastating as the UNDELETE and UNFORMAT capabilities in DOS, added to help users but sometimes used to look at what was on an earlier version of what you had sent to a user. ------------------------------ From: dwn@dwn.ccd.bnl.gov (Dave Niebuhr) Date: 15 Mar 94 19:20:15 EST Subject: Phone Book Pseudonyms michael@stb.info.com (Michael Gersten) writes: Some years ago, in order to protect my privacy, I registered my phone under the name "Mehitabel DeCatte" (pronounced "Mehitabel the cat"). Having such a "nom de phone" was legal and was cheaper than having an unlisted number. Our cat, Mehitabel, did live at our residence with Ok, for all of you who do something like this, how? When I tried to get a different name for my phone, I was told it wasn't possible. They wanted either my Soc Sec Number, which I wouldn't give out, or my drivers license, presented in person, so that they could verify my identity. They wouldn't let me use a fake name, and in fact, I asked directly, and was told it wasn't possible. I have my phone listed under a fictious name and the phone company (NYTel/NYNEX) didn't blink an eye. The only thing I had to do was to make sure that it was an unreasonable one such as John Doe, Richard Roe; it had to be reasonable sounding. However, I checked my phone book and found lots of John Doe's ... ------------------------------ From: Stefan.Brands@cwi.nl (Stefan Brands) Date: 17 Mar 1994 20:51:09 GMT Subject: Highly Efficient Electronic Cash Systems Organization: CWI, Amsterdam Subject: ------- seeking interested parties for implementing, and sharing the rights to, my technologies for privacy-protected electronic transfer of certified information. **** I am a PhD student at the Cryptography Department at the Center for Mathematics and Computer Science (CWI) in Amsterdam. In the past two years, I have developed a compact set of new techniques that enable the construction of highly efficient and secure electronic systems for off-line transfer of certified information, such that privacy is fully guaranteed. The resulting systems offers a great many advantages over any other privacy-protected systems you will find. In particular, using a subset of these techniques I have contructed off-line electronic cash systems in which the privacy of the account holders is fully guaranteed. An independent authority in the field of cryptology has recently confirmed that these systems seem to be the most practical such systems to date. I am posting this letter because I am very interested in pursuing the implementation of my systems *jointly*, in a fair business relationship, with a company capable of and interested in standardizing these systems. My technologies / ystenms are ideally suitable for smart cards, hand held computers, interactive TV, etcetera. All the rights to the technology have been transferred to me by CWI, and so part of such a cooperation would be *joint ownership of all rights*. The reason for posting this letter in a news group is that I see *no* other way to get in touch with interested parties. Before I go deeper into this, I would like to give you some more information about my technologies, and explain their many features. If you are not interested, but think you can help me by suggesting names etc.\, I would appreciate your suggestions. Privacy-protected transfer of electronic information. ----------------------------------------------------- Much work has been done to construct privacy-protected off-line cash systems previously, notably by David Chaum (formerly affiliated with CWI). This early work has resulted in two key concepts that can be used to attain the same level of security against double-spending as can trivially be attained in off-line cash systems with full traceability of payments. However, the many practical *realizations* of these concepts that have been proposed are far from satisfactory with respect to efficiency, provability of security (relative to certain well-known problems that are widely believed to be intractable), and extensibility in functionality. The new techniques I developed for my PhD thesis overcome *all* of these problems. They enable the construction of privacy-protected off-line cash systems that are almost as efficient as off-line cash systems that do *not* offer privacy. Succesful attacks against such a system provably imply that one can break a certain well-known signature scheme that is widely believed to be secure (such as the Schnorr scheme, the Guillou/Quisquater scheme, the schemes presented by Okamoto at CRYPTO 92, the Fiat/Shamir scheme etc.). The techniques in fact allow the construction of a highly efficient off-line cash system whose security (and that of all the extensions in functionality!) is based on the security of any one signature scheme of the so-called Fiat/Shamir type. Among the extensions in functionality are: prior restraint of double-spending, electronic cheques, protection against framing, currency exchange, anonymous accounts, and multi-spendable coins. All these extensions can be realized very easily without any need for additional data stuctures or basic algorithms (that is, *no* ad hoc constructions). In particular, prior restraint of double-spending can be achieved by using a tamper-resistant computing device that is capable of merely performing a signature scheme of the Fiat/Shamir type (of one's own choice), such as the Schnorr signature scheme. A highly preliminary report about a small subset of these techniques, based on the Discrete Logarithm problem, has been published by me about a year ago as a technical report at CWI. (A PostScript version of this report can be retrieved by ftp from ftp.cwi.nl, as pub/brands/CS-R9323.ps.). In August 1993 I presented these preliminary results at the CRYPTO 1993 conference in Santa Barbara. The final version of this abstract can also be retrieved by ftp from ftp.cwi.nl, as pub/brands/crypto93.ps. It's succesful acceptance can be measured by the fact that the results in the report are currently being used as the basis for a cash system by the European CAFE project, a project with 13 European partners from industry and science. I understand that some other implementations based on my report are under way as well. New developments. ----------------- In the mean time, however, I have significantly improved and *greatly* extended the techniques described in the preliminary report. Furthermore, I came up with a fully RSA-based variant that offers various advantages over the Discrete Log based variant. Contrary to the description in the preliminary report, the improved techniques allow the construction of withdrawal protocols for which it can rigorously be proven that the aforementioned attack to the withdrawal protocol is as hard as breaking a well-known signature scheme, and the efficiency of the system increases by a factor of two (a factor not to be neglected, especially not in case such a system is implemented using smart card technology!). As an interesting side note, the improved techniques do *not* use the blind signature technique as developed and patented by David Chaum. The full set of techniques can be used to construct highly efficient privacy-protected off-line mechanisms for transferring certified information, the security of which again can be *proven* assuming only the security of a certain well-known signature scheme of the Fiat/Shamir type of one's own choice. The off-line cash systems are in fact just one very particular instance of the general applicability of the complete set of techniques; it is a system in which credentials that may be shown only once can be transferred between any ``organizations'' while privacy is guaranteed. As an example of the usefulness of the new techniques, highly efficient and secure off-line cash systems can be constructed in which payments are made under pseudonym: in order to pay with a coin, an accountholder need do no more than send 35 bytes to an ``organization'' at which he has a pseudonym. For those who want to know in detail about the *many* features of the new techniques, as well as the performance of several preferred embodiments of systems that can be contructed from them, I have prepared a document that can be retrieve by ftp from ftp.cwi.nl, again in the directory pub/brands. There is a PostScript version called features.ps, as well as a plain text version called features.plain. Why am I posting this letter? ----------------------------- As I already mentioned at the start of this letter, I am very interested in pursuing the implementation of my systems *jointly*, in a fair business relationship, with a company capable of and interested in standardizing these systems. I am in the process of finishing my PhD thesis, which deals exclusively with these technologies. If you have read the detailed description of the features in my ``features'' document, then I have no doubt that you will agree with me that these systems offer a *great* many advantages over any other privacy-protected system for off-line transfer of digital information. In general, if you want to implement electronic systems for secure transfer of certified information, whether it be cash or other types of credentials, such that privacy can be guaranteed, then you will find out that this is *the* way to go. I am *not* involved with any project or company whatsoever. In particular, I want like to point out that I am *not* involved in the CAFE project, and I also do *not* have business relations with the company (DigiCash) of David Chaum, although I greatly respect his innovative work on privacy-protected transfer of electronic information. In fact, *all* rights on my technologies have been transferred to me by my employee, CWI. Due to the fact that my research was done independently of any project or company, it is extremely hard for me to get in touch with the appropriate persons at companies that are really interested in this technology *and* that have the capability of implementing it. Since projects and companies that I am not part of obviously do not provide me with such information, I see no better way to bring my technologies under the attention than by publishing this letter on the news net. If you are interested in my technologies, and want to pursue implementation together with me in the *near* future, I invite you to contact me. We can then discuss things further. Part of such a cooperation would be that *sharing* with me the rights to my technologies. My fax number is (31) 30 - 546 468 This is also my telephone number; however, I would prefer if you send fax or e-mail. My e-mail address at CWI is brands@cwi.nl. In case you are interested in having my work reviewed beforehand by some cryptography authority, to make sure I am not talking nonsense, I am happy to send to you a detailed description of my work. I guarantee you that he or she will *not* be able to break it, and will confirm the many statements I make about the benefits of my technologies. In addition, or alternatively, depending on the circumstances, I am happy to come over and explain my technologies in person with you. Alternatively, if you or your company is not interested in my technologies, but you think you can help me with pointers to persons at companies that might be interested in this technology, I would very much appreciate any such suggestions. ------------------------------ End of Computer Privacy Digest V4 #043 ****************************** .