Using crypto to solve a part of the DNS/TM mess

Michael Froomkin - U.Miami School of Law (froomkin@law.miami.edu)
Fri, 26 Feb 1999 23:02:48 -0500 (EST)

• Next message: Niels Möller: "Re: SSL sans RSA"
• Previous message: David Honig: "Re: relative effectiveness of Blowfish encryption"
• Next in thread: Anonymous: "Re: Using crypto to solve a part of the DNS/TM mess"
• Maybe reply: Anonymous: "Re: Using crypto to solve a part of the DNS/TM mess"
• Reply: bram: "Re: Using crypto to solve a part of the DNS/TM mess"
• Reply: Bill Stewart: "Re: Using crypto to solve a part of the DNS/TM mess"

As some of you may know, I'm involved in a little brawl about domain
names (details at http://www.law.miami.edu/~amf).

It would be really useful to have a cryptographic solution to a part of
the problem.

Suppose we move to a system of Domain Name registrations in which people
can be anonymous, or pseudonymous, but at the same time wish to have some
way of identifying the people engaged in large-scale domain name
speculation. Are these ends compatible? In a world without distinguished
names, is there a way to design a system that has these properties (#3 is
the hard one):

1) every registrant can be anonymous or pseudonymous but must provide
contact details that could be accessed in the event of a subpoena. They
would not show up on whois to the whole world. (data is entered into a
computerized form with no human verification) The best version has the
data put in some form whichthe registrant can decrypt when the subpoena
comes or else lose the domain name.

2) registrants who provide false contact details can be detected upon a
challenge by a third party, but the third party does not get to know
accurate contact details.

3) it is possible for a third party who wishes to challenge the
registration of Domain DN1 to find out how many other domains have been
registered by the owner of DN1, and what they are, without necessarily
finding out the identity of the registrant.

I'm willing to hypothesize the existence of an honest broker if I
have to, in which case #s 1 & 2 are trivial, but I would rather not.

We must assume that some registrants are malicious and will lie like a rug.

Best I can do is to publish a hash (or public-key encryption if the hash
is too easy to break on a small range of numbers like telephone numbers)
of their phone numbers, on theory that people usually only have a small
number of lines. But that's not very good. Certainly names and/or
addresses won't do it given the possibilities for creative data entry....

Like I always say, I'm not a cryptographer, I just know several.

A. Michael Froomkin | Professor of Law | froomkin@law.tm
U. Miami School of Law, P.O. Box 248087, Coral Gables, FL 33124 USA
+1 (305) 284-4285 | +1 (305) 284-6506 (fax) | http://www.law.tm
                    --> It's warm here. <--

• Next message: Niels Möller: "Re: SSL sans RSA"
• Previous message: David Honig: "Re: relative effectiveness of Blowfish encryption"
• Next in thread: Anonymous: "Re: Using crypto to solve a part of the DNS/TM mess"
• Maybe reply: Anonymous: "Re: Using crypto to solve a part of the DNS/TM mess"
• Reply: bram: "Re: Using crypto to solve a part of the DNS/TM mess"
• Reply: Bill Stewart: "Re: Using crypto to solve a part of the DNS/TM mess"