[144918] in cryptography@c2.net mail archive
Re: [Barker, Elaine B.] NIST Publication Announcements
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Fri Oct 2 13:27:03 2009
From: "Perry E. Metzger" <perry@piermont.com>
To: Stephan Neuhaus <neuhaus@st.cs.uni-sb.de>
Cc: Peter Gutmann <pgut001@cs.auckland.ac.nz>, cryptography@metzdowd.com
Date: Thu, 01 Oct 2009 12:49:26 -0400
In-Reply-To: <C0A6F4FE-BD6D-4346-91F0-9A1B24E3AF3F@st.cs.uni-sb.de> (Stephan
Neuhaus's message of "Thu, 1 Oct 2009 17:07:46 +0200")
Stephan Neuhaus <neuhaus@st.cs.uni-sb.de> writes:
> On Oct 1, 2009, at 16:46, Perry E. Metzger wrote:
>> It is also completely impossible to prove you've deleted a
>> record. Someone who can read the record can always make a copy of
>> it. Cryptography can't fix the DRM problem.
>
> Sorry, I should have clarified that. We don't want to verify that Bob
> has in fact deleted the patient record, we just want to verify whether
> Bob *claims* to have deleted the patient record *within the time span
> given*. If Alice later finds out that Bob has lied, she will have this
> signed claim, with which she can take him to court.
If you have that more limited need, the Haber & Stornetta protocol will
likely do what you want, provided you can set something up to publish
the "widely witnessed events". (They had a company for a while to do
timestamping that published the hashes in the New York Times
classifieds. I think when they wrote their paper, the idea that
newspapers might soon cease to exist was not anticipated -- a more
modern system will need some sort of more durable model.)
Perry
--
Perry E. Metzger perry@piermont.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
