[cryptography] LeastAuthority.com announces PRISM-proof storage service

ianG iang at iang.org
Sat Aug 17 04:52:58 EDT 2013

On 16/08/13 22:11 PM, zooko wrote:
> On Tue, Aug 13, 2013 at 03:16:33PM -0500, Nico Williams wrote:
>> Nothing really gets anyone past the enormous supply of zero-day vulns in their complete stacks.  In the end I assume there's no technological PRISM workarounds.
> I agree that compromise of the client is relevant. My current belief is that
> nobody is doing this on a mass scale, pwning entire populations at once, and
> that if they do, we will find out about it.
> My goal with the S4 product is not primarily to help people who are being
> targeted by their enemies, but to increase the cost of indiscriminately
> surveilling entire populations.
> Now maybe it was a mistake to label it as "PRISM-Proof" in our press release
> and media interviews! I said that because to me "PRISM" means mass surveillance
> of innocents. Perhaps to other people it doesn't mean that. Oops!

My understanding of PRISM is that it is a voluntary & secret arrangement 
between the supplier and the collector (NSA) to provide direct access to 
all information.

By 'voluntary' I mean that the supplier hands over the access, it isn't 
taken in an espionage or hacker sense, or leaked by an insider.  I 
include in this various techniques of court-inspired voluntarianism as 
suggested by recent FISA theories [0].

I suspect it is fair to say that something is PRISM-proof if:

   a) the system lacks the capability to provide access
   b) the operator lacks the capacity to enter into the voluntary 
arrangement, or
   c) the operator lacks the capacity to keep the arrangement (b) secret

The principle here seems to be that if the information is encrypted on 
the server side without the keys being held or accessible by the 
supplier, then (a) is met [1].

Encryption-sans-keys is an approach that is championed by Tahoe-LAFS and 
Silent Circle.  Therefore I think it is reasonable in a marketing sense 
to claim it is PRISM-proof, as long as that claim is explained in more 
detail for those who wish to research.

In this context, one must market ones product, and one must use simple 
labels to achieve this.  Otherwise the product doesn't get out there, 
and nobody is benefited.


[0] E.g., the lavabit supplier can be considered to have not volunteered 
the info, and google can be considered to have not volunteered to the 
Chinese government.
[1]  In contrast, if an operator is offshore it would meet (b) and if an 
operator was some sort of open source distributed org where everyone saw 
where the traffic headed, it would lack (c).

> Regards,
> Zooko
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography

More information about the cryptography mailing list