[Cryptography] Crypto and rustling
John Denker
jsd at av8n.com
Sat Nov 19 23:58:48 EST 2016
On 11/18/2016 02:14 PM, Dave Horsfall asked if it:
> could be improved using only technology available at the time
1) No discussion of branding would be complete without this:
https://img.ifcdn.com/images/da927b7fb62ff3068a20769a5bca9ca3a96c3442d27b39bbb10f61a4a66d1f1d_1.jpg
http://67.media.tumblr.com/c036197ac7bdefe2590d98c7c2ca532a/tumblr_nc7c0sW6FH1rom810o1_1280.jpg
https://www.picflash.org/viewer.php?img=tumblr_nclleiz2971rmbujlo1_500IORRGU.jpg
i.e. Gary Larson : Far Side cartoon : The brand of Daryl Jones
2) Branding of cattle dates back to ancient Egypt, so restricting
solutions to those "available at the time" is a bit vague. I
assume it means no electronics.
Hallmarks have been used on pottery and metalwork since the
dawn of time.
3) There are some problems in this space that cannot be solved
by branding alone.
For example, consider the extension to logging: Somebody grows
trees, fells them, brands the ends, sends them down the road
or down the river by a complicated process, and then gets paid
when the branded logs arrive at the mill.
The obvious attack is to saw an inch off the end of the log
and re-brand it.
4) There are problems that can be solved by paperwork + branding
that cannot be solved by either one alone.
5) Positioning of the brand on the animal is part of the vocabulary.
You can have two identical graphics, but if they are applied in
different places they are considered different brands. Usually.
6) Brand /registration/ helps a lot.
Theory says that a brand that is similar to another, or which
can be easily created by alteration of another, will be rejected
by the registrar. However, this is not always true in practice.
Counterexample: In the California brand book:
A- Avila LR earless
-A- Anderson LR earless
https://www.cdfa.ca.gov/AHFSS/Livestock_ID/pdfs/2010_Brand_Book/A.pdf
7) Brands can be used in conjunction with /earmarks/. Altering
both would be a lot harder than altering either one separately.
However, sometimes there is no earmark, as in the previous
counterexample.
8) The system is open to false-flag attacks and denial-of-service
attacks. If there is a brand on one side and some troublemaker
applies a different brand on the other side, there might not be
any obvious way to tell which is authentic, and the brand inspector
will declare both invalid.
Such an attack is not cheap, but somebody with a big enough
grudge might try it.
9) It appears that most brand designers are more interested in
cute symbols than in high-security symbols.
10) Applying the brand is not an exact science. Brands can be
smudged. Therefore error-resistance is a consideration, not
just forgery-resistance ... although there is a bit of overlap
between the two.
If you wanted to be systematic about this, you could use some
sort of Latin square or magic square design. I see no indication
that anybody ever bothered to do this. So this might count as
something that could have been done, but wasn't.
Designing one tamper-resistant brand isn't enough; ideally we
would like a systematic way of generating a huge number of unique,
readily-distinguishable, /and/ tamper-resistant brands. There
are hundreds of thousands of registered brands in the US alone.
OTOH they don't have to be globally unique. For most purposes
it suffices to be unique on a county-by-county basis.
A plain old numeral with a check digit would make sense. It would
certainly be easier to use, as compared to grubbing through the
pictures in the brand book. OTOH it fails the cuteness requirement.
Use a forgery-resistant alphabet, e.g. using X instead of 8, so it's
not quite so easy to turn other digits into 8s.
11) From a leather point of view, any brand on the hide is considered
a defect.
=============
Looking forward, it is easy to predict that electronic tagging will
make branding obsolete.
In cases of alleged brand forgery, DNA can help. If Mr. Hatfield
owns both parents, Mr. McCoy might have a hard time explaining how
his brand came to be on the animal.
More information about the cryptography
mailing list