How to implement a self-destructing message.

Ian Grigg iang at systemics.com
Fri Sep 17 10:54:09 EDT 2004


Bill Stewart wrote:

> I don't understand the threat model here.  The usual models are
...
> - Recipient's Computer Disk automatically backed up to optical storage at night
>         - No sense subpoenaing cyphertext when you can subpoena plaintext.

In terms of threats actually seen in the real world
leading to costs, etc, I would have thought that the
subpoena / civil / criminal case would be the largest.

In this case, the threat might be something like:

   - Recipient forwards plaintext to someone who
     forwards it to someone who is a threat, where
     the number of links between Recipient and Threat
     is from 0 to many.  Zero means, one year later,
     Recipient becomes threat.
         - Hard for the sender to detect and work around.
         - Could be mitigated by contract provisions,
           such as email clients that automatically
           attach "Confidential" tags on or otherwise
           arrange for emails to be excepted from civil
           proceedings *.
         - Could the email clients use digsigs to
           evidence entry into confidential comms?

As this threat is real, persistent and growing in
popularity, the obsession of perfectly covering more
crypto-savvy threats seems .. unbalanced?

>         ----- BEGIN PGP SIGNED MESSAGE
>         Alice - I've sent you an encrypted message at
>                 https://bob.example.net/cookie123456.PGP
>                 This URL will self-destruct in 5 business days.
>                         - Bob
>         ----- END PGP SIGNED MESSAGE

Ahhhh, now if one could implement a message that self-
destructed on the recipient's machine, that would
start to improve security against the above outlined
threat.  I've toyed with the notion of integrating
contracts negotiation into clients, such that mailers
automatically delete messages agreed earlier to have
a TTL.

But, it seems that even in the chat world, there are
vast numbers of people that routinely save every chat
message / session.  So it needs to be an advisory
negotiation only.  Hence, my thought that if we could
add a contract / in-confidence / without prejudice
label on the message, even if the recipient kept a
copy (via override) then at least it could be locked
out of civil court proceedings *.

iang

*  In some sense or other, if the term "WITHOUT
PREJUDICE" is put on correspondence, that makes it
confidential and protects it from being brought in
to civil proceedings.  Normal IANAL caveats apply.

---------------------------------------------------------------------
The Cryptography Mailing List