Re: [freehaven-dev] Ostrovsky on "Private Information Storage"

[dmolnar <dmolnar@hcs.harvard.edu>]

On Wed, 3 May 2000, Joseph Sokol-Margolis wrote:
> I believe we also concluded something along the lines of:
> It doesn't matter whether or not you *actually* had the file, you
> conspired to have/protect/obscure it, and that would be enough. 

Ah - right. This goes back to a distinction brought up on Sunday -- that a
protocol has to protect users against _suspicion_ , not just against being
provably convicted of doing something. 

So  what would an "ideal" publishing system look like from
this point of view? I guess the truly ideal one would be in which it could
not be even suspected that you were part of the servnet, even after your
computer had been seized and all passwords beaten out of you. That's not
going to happen. 

The next best thing seems to me to be that there is never any reason to
suspect that you in particular hold or ever held a particular file. You
are just as suspicious or not suspicious as everyone else in the servnet. 
This holds even if your node is seized and all passwords beaten out of
you. This holds even if you entered the servnet with the INTENTION of 
being caught with a particular file (i.e. you are a "self-coercing" node).

Are there further steps ? or "degrees", along the lines of "you are always
lumped in with a suspicious group of some minimum size given the total
size of the servnet is..."

> I think we also wanted to check with a lawyer.

Yeah. It might be helpful to know just what the standards of evidence are
in the U.S. and other countries, to see what kinds of bars exist and what
we might have to worry about. 

Thanks 
-David