Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Books Book Reviews

Book Review: Burdens of Proof 70

benrothke writes "When the IBM PC first came out 31 years ago, it supported a maximum of 256KB RAM. You can buy an equivalent computer today with substantially more CPU power at a fraction of the price. But in those 31 years, the information security functionality in which the PC operates has not progressed accordingly. In Burdens of Proof: Cryptographic Culture and Evidence Law in the Age of Electronic Documents, author Jean-François Blanchette observes that the move to a paperless society means that paper-based evidence needs to be recreated in the digital world. It also requires an underlying security functionality to flow seamlessly across organizations, government agencies and the like. While the computing power is there, the ability to create a seamless cryptographic culture is much slower in coming." Keep reading for the rest of Ben's review.
Burdens of Proof: Cryptographic Culture and Evidence Law in the Age of Electronic Documents
author Jean-François Blanchette
pages 288
publisher MIT Press
rating 9/10
reviewer Ben Rothke
ISBN 978-0262017510
summary Excellent overview and history of using cryptography to build a trust framework
The so called Year of the PKI has been waiting for over a decade, and after reading Burdens of Proof, it is evident why a large-scale PKI will be a long time in coming. More than that, getting the infrastructure in place in a complex environment that exists in the USA with myriad jurisdictions and technologies may prove ultimately to be impossibility.

The irony is that an effective mechanism for digital authentication would seem to be an indispensable part of the digital age. The lack of such an authentication infrastructure may be the very reason that fraud, malware, identity theft and much more, are so pervasive on the Internet.

The premise of this fascinating book is that the slow decline from the use of paper from a legal and evidentiary perspective has significant consequences. For the last few hundred years, paper has been ubiquitous in modern life; from legal and health records, school, employment and everything in between.

The book details the many challenges that businesses and governments face in moving from a paper-based record society and the underlying trust mechanisms that go along with it, to a new digital-based record system, and how a new framework is needed for such a method. The book details part of that new framework.

The book opens with an observation on the authenticity of President Obama's birth certificate. While Blanchette is not a birther, he does note that if the moral authority of paper records has diminished, then the electronic documents replacing them, which are what the Obama administration provided, appear to be even more malleable. And that is precisely the issue that he addresses.

Blanchette details a compelling story and writes it as an insider. He was a member of a task force appointed in 1999 by the French Ministry of Justice to provide guidance on the reform of the rules governing the admissibility of written evidence in French courts, into a digital format.

The first few chapters provide an excellent overview of the history of cryptography. Chapter 3 – On the Brink of a Revolution– gives an excellent summary of cryptography from 1976 on, starting with seminal research that was done by Diffie and Hellman, and Rivest, Shamir and Adleman (RSA).

In chapter 5, Blanchette details his narrative about how France embraced and moved to a more digital governmental framework. He notes that the challenge was that France was the country that gave bureaucracy its name, and is a place where citizens must carry at all times their papers d'identite and is a society enmeshed in paper. Blanchette writes of the many French bureaucracies that had to let go of their protectionist stances as they moved down the path to letting electronic documents have legal validity.

Blanchette writes that in France, one of the biggest impediments to moving to a digital framework were the French civil-law notaries or notaire. French notaries are much more powerful than a notary public in the US, and are closer to being what a paralegal does in the US.

The French notaire are a wealthy and powerful monopoly when it comes to issues of purchases, sales, exchanges, co-ownerships, land plots, leases, mortgages and the like. A notaire can form a corporation prepare commercial business leases and much more. The entire French notary profession had been dependent on its monopoly to grant authenticity, and no definition of electronic authenticity could emerge and succeed if it did not meet its criteria.

While paper trust may be intuitive now, Blanchette writes that it wasn't always the case. When documents were first created (whenever that may have been), they did not immediately inspire trust. As with other innovations, there was a long and complex period of evolution needed to gain accepted levels of trust.

In chapter 6, the books notes that many people assumed cryptography would be the mechanism that would inspire trust in the digital world. Blanchette writes that the mistake cryptographers made and sometimes continue to make; is that they often assumed that the properties of cryptographic objects will translate transparently into the complex social and institutional setting in which they are deployed in.

This was incisively noted in Why Johnny Can't Encrypt, which was a usability evaluation of PGP by Whitten and Tygar. The author's observed that user errors cause or contribute to most computer security failures, yet user interfaces for security still tend to be clumsy, confusing, or near-nonexistent. While the paper was written in 1999, most of its findings are still relevant.

Chapter 6 provides 3 fascinating case studies that show have different approach to security technology and cryptographic deployments are imperative in ensuring that they work.

In just under 200 pages, the books 7 chapters provide both a fascinating overview of the history of cryptography, in addition to showing how cryptography can be effectively used to authenticate digital documents. The book also has a high-level framework (a comprehensive framework would require at least 5 times as many pages) for an effective cryptographic framework for digital trust.

As Blanchette notes many times in the book, the challenge with getting digital signatures to work is not with the technology; rather it is with the underlying societal infrastructure in which to make it work. France was brought kicking and screaming into the age of electronic authentication, and is one of the few countries that have had such widespread success.

The book is a fascinating read that details how frustrating difficult it has been to create a comprehensive mechanism for digital authentication. The book raises many beguiling questions, and Blanchette is smart enough to notes that there are no simply answers to these multifaceted problems.

Burdens of Proof: Cryptographic Culture and Evidence Law in the Age of Electronic Documents is both a fascinating overview of the history of paper and electronic authentication, in addition to providing a synopsis of what it will take to make create a cryptographic culture, where digital evidence will be as accepted in the courtroom, as its antique paper cousin.

Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.

You can purchase Burdens of Proof: Cryptographic Culture and Evidence Law in the Age of Electronic Documents from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
This discussion has been archived. No new comments can be posted.

Book Review: Burdens of Proof

Comments Filter:
  • The security, the protocol, the encryption, BUT, as you already guessed, our sweat government does not want us to have secure and secret documents, without the ability to spy on them, whenever they want to, and for whatever funny reason.
    • Nice conspiracy theory...u have the slightest bit of evidence to back up your claim?
      • by Antique Geekmeister ( 740220 ) on Monday December 24, 2012 @04:56PM (#42383693)

        There's the prosecution of Phil Zimmerman for publishing PGP, the failed attempt to publish the "SkipJack" algorighm with all keys held for law enforcment use, the new "Trusted Computing" toolkit with all keys held by Microsoft with no legal assurance of their privacy against warrant-free access under the "Patriot Act", there's the Patriot Act isself, and then there is US federal law at http://www.ecfr.gov/cgi-bin/text-idx?SID=9ae4a21068f2bd41d4a5aee843b63ef1&c=ecfr&tpl=/ecfrbrowse/Title15/15cfrv2_02.tpl#730 [ecfr.gov].

        It's frightening reading. Widespread domestic security for electronic documents is being sacrificed to permit government access to communications, both foreign and domestic, with and without court order or knowledge of anyone being monitored. The fiber optic taps in AT&T's core data center planted by the NSA were quite real, quite illegal, and the personnel involved have been given immunity.

      • The key length for all the bank transaction is a joke. Any sane government with enough computer power could crack it. Translated: USA, USSR, China... Just for comparison, the key length for encrypting the traffic in Microsoft Windows platform is 2048. I wonder why!!!!
        • what 'key length' u referring to? AES is now very strong and 100% unbreakable.
        • 2048 bit encryption is far beyond the capabilities of any entity on earth (or even all combined) to brute-force. 256 bit AES is still considered beyond the reach of government to decrypt, but it is perhaps out of reach only by a factor 1000 or so. 2048 bit is perfectly secure.

          Besides, since private entities cannot guarantee their physical security, how many bits they use is completely inconsequential : this is why [xkcd.com]. To protect a few files on your harddrive from your employer or your mom, 3bit encryption is p

    • Well, this guy [slashdot.org] is dead now, so there might be less sweat [thefreedictionary.com] government than you think!
    • As to our govt., you do realize the the mayan apocolypse really did happen...the govt. just covered it up.
    • I think there is a lot of hype around the NSA and their capability to encrypt. We have never seen a single instance where thy have gone to the courts and shown they decrypted strong encryption without some external vulnerability.
  • i can assume this was written by a moderate person by is qualification of "substantially".

  • EVERYTHING related to PC's is still, after 30 years, a clumsy bolt-on. Hell, networking and printing still have to be added, tweaked and configured and VPN is still a mess. As long as we tolerate companies like MS shoveling Windows 8 at us while the guts under the covers are garbage, this is what we'll get. I mean with a multicore processor there's no way to make one of those cores a security specific ASIC that does all the heavy lifting for security across the board in hardware. But we'll never get that be

  • I should begin crowdsourcing a slew of form documents, in the style of "here is why your spam solution won't work".

    Beginning with "So you wrote up a cyber law. It won't work. Here's why it won't work."

    NOTHING can be saved if it can't be freely copied by anyone from anywhere. Most documents won't survive anyway, lacking interest in making copies for all of the time they're available.

    The one and only way to keep a document is to have it freely copyable by everyone everywhere forever, end of story. Everything

  • Amazon "search inside this book" has no results for "NP" as in P vs. NP. How can that be? The book doesn't draw the connection to this major relevant open question on one hand, but has "burden of proof" in the title on the other hand?

  • And 64KB on the motherboard. I know, I had one.

    • Y'know, I wondered if anyone was going to point out something along those lines. Actually, IIRC, the original maximum "official" memory capacity of the early 64K PC1 was in fact 256K if you only used official IBM memory expansion cards, but the memory map officially allowed up to 512K of RAM (and was supported by some 3rd party expansion cards). A few years later, IBM apparently realized that there wasn't really a need to reserve the entire remaining 512K of addressing space for ROM and device-specific RA

      • The original 64KB 5150 motherboard (4 banks of 16KB each) supported 512KB AST and other 3rd-party option cards, but carried ROMs that had a total system limit less than 640KB. The second gen motherboard supported 4x 64KB, of 256 KB on the motherboard, and 640KB of main memory overall. My recollection is of some number like 512KB + 32KB, for a total of 544KB, but it could have been 512KB+64KB, or 576KB; STILL not 640KB. I remember this because I once had to replace ROMs from gen 1 motherboards so I could

  • In the paper world you have to invest significant resources to forge each paper document. In the digital world if you can forge one document with a free tool you can forge as many as you want. To raise the cost of being able to forge a digital document beyond what an attacker is willing to pay the cost of legitimate use becomes greater than the benefit.

    One possible solution is a hierarchy of security where the higher layers increase both the cost of forgery and the cost of legitimate use and let the mark

    • Good point...Bruce Schneier has written tons on this topics.

    • We need to be clear about what EV is. It's not about SSL, it's about X.509. It doesn't solve a technical problem because EV identifies no technical problem with X.509 certificates. EV promises a procedural solution to a procedural problem, namely the failure by Certificate Authorities to take reasonable care to check the real-world credentials of certificate requestors in order to determine that they are who they claim to be. In effect, the CAs are saying, "Yeah, well, we were a bit negligent the last
    • by rfc1394 ( 155777 )

      To raise the cost of being able to forge a digital document beyond what an attacker is willing to pay the cost of legitimate use becomes greater than the benefit.

      Exactly why we have spam. Make sending forged address and spammy e-mail require prepaid costs such that it was as expensive as snail mail and spam would drop from 90% of mail to less than 0.1%. It's only because it costs nearly nothing either directly for small quantities (like phishing scams) or via botnets to send huge quantities of spam (for bulk ads for fraudulent products including erectile disfunction drugs) that so much can be generated. We have some partial solutions but the entire solution requires

  • Jean-François Blanchette

    When TFA text is managed by Slashdot's encoding you know something is wrong. I know Unicode has its problems but it really should be a priority at this point.

Any sufficiently advanced technology is indistinguishable from a rigged demo.