[Cryptography] Redundant Array of Cryptographic Services

Phillip Hallam-Baker phill at hallambaker.com
Sat Jan 18 22:49:39 EST 2020 

One of the feature sets for the Mesh requires a set of cryptographic agent
functions. I have generalized these as follows:

1) Haber-Stornetta Hash Chain notary

Yeah, gets request, signs it, chucks it in a blockchain, blockchain then
cross notarizes periodically with others. Job done.

Groups of notaries may offer joint signatures through a PRE-ESTABLISHED
agreement among the notaries.

2) Micali simultaneous contracts notary

The patent has expired. Time to use this.

This is a scheme that allows Alice and Bob to both obtain a signed receipt
on a document or neither does.

3) Key Escrow Agent

The proxy publishes and commits to follow a key use protocol for the key
{X, x} as follows:

1) The public key X
2) The DateTime at which the proxy will begin servicing decryption requests
3) The DateTime at which the proxy will cease servicing decryption requests
4) The DateTime at which the proxy will dispose of the key
5) Whether the private key x SHALL be destroyed or published on the
disposal date.
6) Additional requirements for access control on service provision
(optional).

It is my belief that it is sufficient to offer non-threshold escrow. Users
who want to ensure they can decrypt a document in the case that one or more
notaries fail, can perform (n,t) secret sharing over the session keys.

So here is the plan, I want to implement a reference service for test
purposes this year with a view to hardening it later on. But I still want
to have good crypto hygiene and survivability.

I don't feel good trusting HSMs. They can be compromised at source and they
can fail. So I want the escrow keys to be represented on paper.

I am considering the use of an ink jet printer with UV 'invisible' ink for
this. The key shares used to generate the master keys can be printed out,
distributed, locked in safes, etc.

The response to getting a (lawful) writ will of course be to do whatever
the court requires. If people want greater assurances, use multiple
services.

I do have some ideas for using notary chain services to nail down the
crypto further. But they kinda depend on having another notary service
there to tie to. So the idea of starting a reference service is in large
part to enable the creation of production services.

[And no, there shall be no proof of work element and no minting of
cryptobucks.]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20200118/dbe5c987/attachment.htm>

More information about the cryptography mailing list