Interesting bit of a quote

Nicholas Bohm nbohm at ernest.net
Fri Jul 14 06:08:59 EDT 2006


John Kelsey wrote:
>>From: Anne & Lynn Wheeler <lynn at garlic.com>
>>Sent: Jul 11, 2006 6:45 PM
>>Subject: Re: Interesting bit of a quote
> 
> 
> ..
> 
>>my slightly different perspective is that audits in the past have 
>>somewhat been looking for inconsistencies from independent sources. this 
>>worked in the days of paper books from multiple different corporate 
>>sources. my claim with the current reliance on IT technology ... that 
>>the audited information can be all generated from a single IT source ... 
>>invalidating any assumptions about audits being able to look for 
>>inconsistencies from independent sources. A reasonably intelligent 
>>hacker could make sure that all the information was consistent.
> 
> 
> It's interesting to me that this same kind of issue comes up in voting
> security, where computerized counting of hand-marked paper ballots (or
> punched cards) has been and is being replaced with much more
> user-friendly DREs, where paper poll books are being replaced with
> electronic ones, etc.  It's easy to have all your procedures built
> around the idea that records X and Y come from independent sources,
> and then have technology undermine that assumption.  The obvious
> example of this is rules for recounts and paper record retention which
> are applied to DREs; the procedures make lots of sense for paper
> ballots, but no sense at all for DREs.  I wonder how many other areas
> of computer and more general security have this same kind of issue.   

Another example, possibly of some importance, is found in registers of
births, marriages and deaths.  Details of the relevant events were
entered contemporaneously in local paper ledgers whose pages were
numbered.  (They were later, perhaps every quarter, copied to central
registers.)  As a result it was very difficult to create a backdated
record, or remove an original one, without it being obvious.  When
registers consist of electronic databases, these natural protections
silently disappear.  They could be replaced, perhaps by publishing an
authenticated hash of the register every week, and cumulative hashes
periodically; but there is no sign of such methods being adopted.

The Law Society of England and Wales suggested to the Land Registry that
it should adopt some such methods for its electronic land registers,
especially when the transactions recorded in the registers become
electronic rather than paper transactions, as is planned.  I have no
reason to think this suggestion will take root.

Nicholas Bohm
-- 
Salkyns, Great Canfield, Takeley,
Bishop's Stortford CM22 6SX, UK

Phone   01279 871272    (+44 1279 871272)
Fax      020 7788 2198   (+44 20 7788 2198)
Mobile  07715 419728    (+44 7715 419728)

PGP public key ID: 0x899DD7FF.  Fingerprint:
5248 1320 B42E 84FC 1E8B  A9E6 0912 AE66 899D D7FF

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
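
The weekly authenticated hash and cumulative hashes suggested in the message above, sketched as an added example that is not part of the original post. The record layout, the week labels and the use of an HMAC key in place of a registrar's public-key signature are assumptions of this sketch, and the sample register is constructed.

```python
import hashlib, hmac, json

GENESIS = b"\x00" * 32  # assumed start value for the cumulative chain

def weekly_digest(entries):
    """SHA-256 over one week's entries, each canonically encoded and length-prefixed."""
    h = hashlib.sha256()
    for e in entries:
        blob = json.dumps(e, sort_keys=True, separators=(",", ":")).encode()
        h.update(len(blob).to_bytes(4, "big") + blob)
    return h.digest()

def _tag(key, week, weekly, cumulative):
    # HMAC stands in for the registrar's signature (assumption of this example)
    return hmac.new(key, week.encode() + weekly + cumulative, hashlib.sha256).hexdigest()

def publish(register, key):
    """One published record per week: weekly hash, cumulative hash, authentication tag."""
    out, cum = [], GENESIS
    for week in sorted(register):
        wd = weekly_digest(register[week])
        cum = hashlib.sha256(cum + wd).digest()  # each week commits to all earlier weeks
        out.append({"week": week, "weekly": wd, "cumulative": cum, "tag": _tag(key, week, wd, cum)})
    return out

def audit(register, published, key):
    """Return the first week where the database contradicts the published hashes, else None."""
    by_week = {r["week"]: r for r in published}
    last = max(by_week, default="")  # weeks after this one are not yet published
    cum = GENESIS
    for week in sorted(w for w in set(register) | set(by_week) if w <= last):
        if week not in by_week:
            return week  # a whole week appeared after publication
        rec = by_week[week]
        if not hmac.compare_digest(rec["tag"], _tag(key, week, rec["weekly"], rec["cumulative"])):
            return week  # the published record itself is not authentic
        wd = weekly_digest(register.get(week, []))
        cum = hashlib.sha256(cum + wd).digest()
        if wd != rec["weekly"] or cum != rec["cumulative"]:
            return week  # entry backdated, altered or removed in this week
    return None

# Constructed sample register (not real data): ISO week -> ledger entries
REGISTER = {
    "2006-W26": [{"page": 1, "date": "2006-06-27", "event": "birth", "name": "A. Example"}],
    "2006-W27": [{"page": 2, "date": "2006-07-04", "event": "marriage", "name": "B. Example"},
                 {"page": 3, "date": "2006-07-06", "event": "death", "name": "C. Example"}],
    "2006-W28": [{"page": 4, "date": "2006-07-11", "event": "birth", "name": "D. Example"}],
}
```

The check is only as independent as the place the published records are kept: they have to live somewhere the database operator cannot rewrite, which is the role the numbered paper pages played.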


