[356] in WWW Security List Archive
Re: Information identifiers
daemon@ATHENA.MIT.EDU (Nick Szabo)
Fri Jan 27 10:09:20 1995
From: szabo@netcom.com (Nick Szabo)
To: www-security@ns2.rutgers.edu
Date: Fri, 27 Jan 1995 03:24:25 -0800 (PST)
In-Reply-To: <26739.199501271045@crocus.csv.warwick.ac.uk> from "Mr C A Rusbridge" at Jan 27, 95 10:45:16 am
Reply-To: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
> As I understand the idea (and this could be wrong), a copyright item
> would be placed on the net encoded in some way so that the copyright
> ownership was clearly identifiable, no matter how small a (decodable)
> slice of the item you take.
A bit of reflection will reveal that this is mathematically
impossible. The amount of information so encode must be at
least log2(the number of customers). More importantly,
these must be "noise" bits that can be flipped without
alterring the semantics of the document, yet be semantically
undifferentiable to the copiers. None of the proposed schemes
have solved this fundamental semantic hiding problem. A copier
can simply determine which bits do not change the semantics of
the document, flip them all randomly. and redistribute the
document.
Also, these schemes often assume that once the customer is identified,
law enforcement can be invoked. But in fact "data piracy", aka
the free copying of information regardless of origin, is perfectly
legal in some jurisdictions on the Internet, and the laws are
not enforced in many other such jurisdictions. Furthermore,
both law enforcement and blacklists assumes that e-mail addresses can
be traced to actual persons, but there is no strong True Name
authentication on the Internet, and such a scheme will never
become universal, for a variety of reasons. Finally, the
customer targeted by the fingerprint might simply be an
innocent victim of an untraceable thief, or could plausibly
claim to be so.
Nick Szabo szabo@netcom.com
