Interesting People mailing list archives
IP: TimeVault - Secure Electronic Document Escrow on the World
From: Dave Farber <farber () central cis upenn edu>
Date: Fri, 17 May 1996 17:25:48 -0400
By: Brian Johnson UPenn ** TimeVault - Secure Electronic Document Escrow ** ** on the World Wide Web ** TimeVault is a secure system for storage of documents in machine-readable format for a specified length of time. At the end of the storage period, the document will be released on the World Wide Web or by another method chosen by the document author. TimeVault provides security through the use of asymmetric- key encryption (like PGP). Each release date has a set of keys: one for encrypting and one for decrypting. TimeVault maintains the encryption keys on its system, and also includes these keys with the client software distribution. The decrytpion keys, however, are broken in to fragments, and the fragments are stored with various escrow agents around the world. The key fragments are then transmitted back to TimeVault daily as needed. Documents submitted to TimeVault are encrypted with the encryption key corresponding to their release date prior to storage. Due to the use of this type of cryptosystem, the documents stored with TimeVault *cannot* be viewed by *anyone*. Not electronic thieves, not the Government, not even the owners and administrators of TimeVault itself. The only way an unauthorized party could view the contents of these documents would be by direct cryptanalytic attack or brute-force decryption. To use TimeVault, a user can download the systems proprietary software from TimeVaults homepage, install the software on his or her computer, and run it. The software will ask the user for identifying information, payment information, and the location of the document. It will then send the document along with the collected information via encrypted Internet email to the TimeVault computer. It is currently not possible to implement these functions on the Web because of the lack of strong encryption in SSL and the lack of a method to submit a whole document in an HTML form. Both of these are changing, however. The original concept for TimeVault was developed by Prof. David Farber at the University of Pennsylvania. I have spent the past semester implementing a working test version of the system as an independent research project. The system is now available at the following URL: http://www.seas.upenn.edu/~brianj/TimeVault/ The system *does* function as promised, but the client software is currently only available for Unix systems, and the security measures need some work. In addition, TimeVault currently resides on my Penn email account, which has a disk quota of around 8 MB, so feel free to test the system but please dont send any documents that are particularly large. For more information: * Dr. David Farber, farber () cis upenn edu * Brian Johnson, brianj () seas upenn edu -Brian Johnson University of Pennsylvania Systems Engineering / Finance '96 brianj () seas upenn edu
Current thread:
- IP: TimeVault - Secure Electronic Document Escrow on the World Dave Farber (May 17)