At 07:54 AM 9/17/2004, Ian Grigg wrote:
Ahhhh, now if one could implement a message that self-
destructed on the recipient's machine, that would
start to improve security against the above outlined
threat.  I've toyed with the notion of integrating
contracts negotiation into clients, such that mailers
automatically delete messages agreed earlier to have a TTL.

That's been done, by "Disappearing Inc". says they're now owned by Omniva.

The proprietor gave a talk at a Cypherpunks meeting some years ago,
after they'd done a big Scannelly splash in USA Today.
He started out by identifying the problem he was trying to solve,
which is for routine document destruction -
a cooperating sender and receiver want to know
that their message will disappear after some time
if neither of them tries to make other copies or work around the system;
the problem of making a truly non-copyable system is snake oil
that he wasn't going to try to sell.

The system creates a session key and a cookie,
which it sends to a policy server,
encrypts the message with the session key,
and includes the cookie and encrypted message in the email.

The recipient's mail client handles and stores the encrypted message,
and when the recipient wants to read it,
he runs a Disappearing Inc. crypto client which
sends the cookie to the policy server, gets the session key,
and decrypts the mail in a viewer program.

After whatever timeout the sender specifies,
the policy server deletes the key and cookie,
so the recipient can no longer decrypt the message.
Originally the business model was that Disappearing Inc.
ran the policy server, and it was accessible using https or whatever,
but they later also started selling servers to customers.

The system obviously doesn't stop the recipient from
screen-scraping the message (don't remember if it supported cut&paste),
but it's designed for the Ollie North problem
        "What do you mean the email system backs up all messages
        on optical disk?  I thought I deleted the evidence!"
or the business equivalent (anti-trust suit wants all your
correspondence from the last 17 years.)

It's not a perfect system - courts can order the policy server
not to delete any data, for instance - but any data that
has been deleted before then has really been deleted,
assuming the policy server's disk isn't also backed up on optical.
And Ed Gerck gets to know that his message was transmitted
with adequate encryption under control of the sender.
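The escrow-then-forget flow described above, as an added example that is not part of the original post or of Omniva's own code: the class and function names, the cookie/session-key layout and the injected clock are assumptions, and the SHA-256 XOR keystream is a stand-in cipher so the script runs with only the standard library.

```python
import hashlib
import os
import time


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR with a SHA-256 counter keystream (assumption, not the
    real product's cipher).  Encrypt and decrypt are the same operation."""
    out = bytearray()
    block = 0
    while len(out) < len(data):
        out += hashlib.sha256(key + block.to_bytes(8, "big")).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, out))


class PolicyServer:
    """Keeps session keys under opaque cookies and forgets them once the sender's TTL passes."""

    def __init__(self, clock=time.time):
        self._clock = clock          # injectable so expiry can be exercised offline
        self._keys = {}              # cookie -> (session_key, expiry_time)

    def store(self, cookie: str, session_key: bytes, ttl_seconds: float) -> None:
        self._keys[cookie] = (session_key, self._clock() + ttl_seconds)

    def fetch(self, cookie: str):
        # Purge expired entries first, so a late request finds nothing to hand back.
        now = self._clock()
        for c in [c for c, (_, exp) in self._keys.items() if exp <= now]:
            del self._keys[c]
        entry = self._keys.get(cookie)
        return entry[0] if entry else None

    def keys_held(self) -> int:
        return len(self._keys)


def send(server: PolicyServer, plaintext: bytes, ttl_seconds: float) -> dict:
    """Sender side: mint a session key and cookie, park the key on the policy server,
    and put only the cookie plus ciphertext in the mail itself."""
    session_key = os.urandom(32)
    cookie = os.urandom(16).hex()
    server.store(cookie, session_key, ttl_seconds)
    return {"cookie": cookie, "ciphertext": keystream_xor(session_key, plaintext)}


def read(server: PolicyServer, mail: dict):
    """Recipient side: trade the cookie for the key; None once the server has forgotten it."""
    session_key = server.fetch(mail["cookie"])
    if session_key is None:
        return None
    return keystream_xor(session_key, mail["ciphertext"])
```

The stored copy of the mail is useless on its own after the TTL; as the post notes, what the policy server itself retains (or backs up) is the remaining record.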
