[fc-discuss] Financial Cryptography Update: tracking tokens

iang@iang.org iang@iang.org
Sun, 7 Aug 2005 13:54:23 +0100 (BST)


(((((((((((( Financial Cryptography Update: tracking tokens ))))))))))))

                            August 07, 2005


------------------------------------------------------------------------

https://www.financialcryptography.com/mt/archives/000528.html



------------------------------------------------------------------------

Wired and Boston report on a new mechanism to read a fingerprint from
paper.	Not the fingerprint of a person touching it, but the
fingerprint of the paper itself.  Scanning the micro-bumps with a laser
is a robust way to create this index, and it even works on plastic
cards.	(Note, don't be distracted about the marketing bumph about
passports, it is way too early to see where this will be used as yet.)

http://www.wired.com/news/privacy/0,1848,68352,00.html
http://www.ibd.nrc-cnrc.gc.ca/english/spec_e_speckle.htm
http://www.boston.com/news/globe/health_science/articles/2005/08/01/the
_fingerprint_of_paper/?page=2

Our recent pressed flowers adventure resulted in a new discovery along
similar lines - we can now make a token like a banknote with cheap
available tools that is unforgeable and uncopyable.  It does this by
means of the unique identifier of the flower itself;  we can couple
this digitally by simply scanning and hashing (a routine act in the
ongoing adventure of FC).  What's more, it integrates well with the
pre-monetary economics that is built into our very genes, if you
subscribe to the startling new theory presented in "Shelling Out," a
working paper by Nick Szabo.

https://www.financialcryptography.com/mt/archives/000525.html
http://szabo.best.vwh.net/shell.html
http://www.finanancialcryptography.com/images/

In other tracking information, the EFF has started tracking printers
that track pages.  Some manufacturers print a tiny fingerprint of the
printer onto every page that gets produced.  Originally "suggested" by
monetary authorities so as to trace forgeries and copies of paper
money, it will of course make its way into evidence in general court
proceedings.  Predictably the EFF finds that there is no protection
whatsoever for this.

http://www.eff.org/Privacy/printers/wp.php

(older DRM techniques by the ECB:
https://www.financialcryptography.com/mt/archives/000149.html)

>From the benches of the Montana Supreme Court, a judgement that
instantiates the Orwell Society.  Dramatically written by Judge Nelson
and brave for its refreshing honesty, it recalls that famous line from
Scott McNeally, "you have no privacy left, get used to it."  It's worth
reading for its clear exposition of how your garbage is abandoned and
therefore open to collection by ... anyone.  But it should also serve
as a wakeup call to the limits of privacy:

"In short, I know that my personal information is recorded in
databases, servers, hard drives and file cabinets all over the world. I
know that these portals to the most intimate details of my life are
restricted only by the degree of sophistication and goodwill or
malevolence of the person, institution, corporation or government that
wants access to my data." 
 "I also know that much of my life can be reconstructed from the
contents of my garbage can."
 "I don't like living in Orwell's 1984; but I do. And, absent the next
extinction event or civil libertarians taking charge of the government
(the former being more likely than the latter), the best we can do is
try to keep Sam and the sub-Sams on a short leash."

http://news.com.com/2061-10796_3-5820618.html

In such a world, we should be delivering privacy, as we cannot rely on
anyone else to do it.  In this sense, the recent (popularish) argument
between Phil Zimmerman's new VoIP product and some PKI apologists is
easily defended by Phil as such:

"My secure VoIP protocol also requires almost no activation energy, so
I expect it to do well."

No more need be said.  Go Phil.  (See the recent article on Security
Usability for IEEE's Security & Privacy mag as well.)

http://blogs.zdnet.com/Ou/?p=87
http://blogs.zdnet.com/Ou/?p=86
http://iang.org/ssl/j4cry.pdf

-- 
Powered by Movable Type
Version 2.64
http://www.movabletype.org/