[Cryptography] Hope Apple Fights This!

Henry Baker hbaker1 at pipeline.com
Thu Feb 25 18:50:46 EST 2016 

At 02:50 PM 2/25/2016, Jerry Leichter wrote:
>> So let me understand: exactly *where* is my data?
>> 
>> If I have a file full of random numbers in country #1 and another file full of random numbers in country #2 and another file full of random numbers in country #3 and so on, so I guess my "data" is in *all* of the countries.
>> 
>> But only I know the function that will transform the data stored in all of these countries into a form that might actually be useful, so my "data" is also in *none* of the countries.
>
>Congratulations.  You've rediscovered the argument every kiddie comes up with to protect themselves from copyright lawsuits:  I don't actually have your protect music on my server.  I have a bunch of random numbers.  So does my friend across the street.  It happens that if you XOR the two together you get the music, but neither of us actually has your music....
>
>It's nonsense.  You're acting as if judges were idiots.  They're not.
>
>If you encrypt your stuff locally before putting it in the cloud, and hold the key yourself, you're protected against anything the cloud provider can do.  They can only deliver what they have (encrypted text that neither they nor the government can read), not what they don't have (the corresponding plaintext.)  This is much safer than any hacks for spreading the stuff around.
>
>Add integrity checks if you're concerned about modification attacks.  Use replicas and error correction to deal with failures of individual replicas.
>
>The rest is just noise.

I'm not suggesting that judges are idiots; even when they're non-techie, they're usually excellent judges of human character.

But the judge has to be convinced that you even have access to that pirated song, before your XOR argument will convince him.

You'll have to forgive me, but Tor more-or-less works -- at least it slows down some of the less sophisticated agencies & govts.

The ability to cryptographically mix data on the Internet from a wide variety of sources would require the NSA (or equivalent) to not only have access to all of that data (which they certainly do), but to also know what to do to correlate it all.

That problem is certainly at least O(nlogn) if not O(n^2), and last time I looked, data size was growing as O(1/w^2) [soon to be O(1/w^3)] while computer speed was growing as O(1/w), where w is line width.

Not even the NSA can beat that growth factor.

More information about the cryptography mailing list