PAIIN crypto taxonomy (was Re: CFP: PKI research workshop)

[Arnold G. Reinhold]

The PAIIN model (privacy, authentication, identification, integrity, 
non-repudiation) is inadequate to represent the uses of cryptography. 
Besides the distinction between privacy and confidentiality, I'd like 
to point out some additional uses of cryptography which either don't 
fit at all or are poorly represented in this model:

    Anonymity - the ability to communicate without messages being 
attributed to the sender (e.g. remailers).

    Confidential verification -- the ability to verify information 
without disclosing it (e.g. zero knowledge proofs).

    Fragmentation -- dividing control over information among several parties.

    Invisibility -- the ability to communicate or store information 
without being detected. This includes stegonography, low probability 
of observation communication techniques such as low power spread 
spectrum, and measures against traffic analysis such as link 
encryption.

    Proof of trespass -- The ability to demonstrate that anyone having 
access to data knew they were doing so without authorization, (e.g. 
for trade secret and criminal evidence law).

    Remote randomization -- the ability for separated parties to 
create fair and trusted random quantities.

    Resource taxing -- techniques to prove a minimum expenditure of 
computing resources  e.g. hash-cash.

    Time delay -- making information available but not immediately.

    Transmission assurance -- anti-jam and anti censorship technology.

    Use control -- the whole digital rights management scene.


I'm not suggesting this is a complete list or the best breakdown, but 
I hope is shows that the cryptographic imagination goes beyond PAIIN.

Arnold Reinhold





---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com