Cryptography can bring novel solutions
Transparency increases confidence and trust. I often use a story from the August 1931 edition of Popular Mechanics to illustrate this point. The article concerns the relationship between transparency and behaviour in the specific case of depression-era extra-judicial unlicensed wealth redistribution...
BANK hold-ups may soon become things of the past if the common-sense but revolutionary ideas of Francis Keally, New York architect, are put into effect. He suggests that banks be constructed with glass walls and that office partitions within the building likewise be transparent, so that a clear view of everything that is happening inside the bank will be afforded from all angles at all times.[From Glass Banks Will Foil Hold-Ups]
I urge you to clink on the link, by the way, to see the lovely drawing that goes with the article. The point is well made though: you can't rob a glass bank. No walls, no Bernie Madoff. But you can see the problem: some of the information in the bank is confidential: my personal details, for example. Thus, it would be great if I could look through the list of bank deposits to check that the bank really has the money it says it has, but I shouldn't be able to see who those depositors are (although I will want third-party verification that they exist!).
Why am I talking about this? Well, I read recently that Bank of America has called in management consultants to help them manage the fallout from an as-yet-nonexistent leak of corporate secrets, although why these secrets be prove embarrassing is not clear. In fact, no-one knows whether the leak will happen, or whether it will impact BofA, although Wikileaks' Julian Assange had previously mentioned having a BofA hard disk in his possession, so the market drew its own conclusions.
Bank of America shares fell 3 percent in trading the day after Mr. Assange made his threat against a nameless bank[From Facing WikiLeaks Threat, Bank of America Plays Defense - NYTimes.com]
Serious money. Anyway, I'm interested in what this means for the future rather than what it means now: irrespective of what Bank of America's secrets actually are because
when WikiLeaks, a whistle-blowing website, promised to publish five gigabytes of files from an unnamed financial institution early next year, bankers everywhere started quaking in their hand-made shoes. And businesses were struck by an alarming thought: even if this threat proves empty, commercial secrets are no longer safe.[From Business and WikiLeaks: Be afraid | The Economist]
Does technology provide any comfort here at all? I think it does. Many years ago, I had the pleasant experience of having dinner with Nicholas Negroponte, John Barlow and Eric Hughes, author of the cypherpunk manifesto, at a seminar in Palm Springs. This was in, I think, 1995. I can remember Eric talking about "encrypted open books", a topic that now seems fantastically prescient. His idea was to develop cryptographic techniques so that you could perform certain kinds of operations on encrypted data: in other words, you could build glass organisations where anyone could run some software to check your books without actually being able to read your books. Nick Szabo later referred back to the same concepts when talking about the specific issue of auditing.
Knowing that mutually confidential auditing can be accomplished in principle may lead us to practical solutions. Eric Hughes' "encrypted open books" was one attempt.[From Szabo]
Things like this seem impossible when you think of books in terms of paper and index cards: how can you show me your books without giving away commercial data? But when we think in terms of bits, and cryptography, and "blinding" it is all perfectly sensible. This technology seems to me to open up a new model, where corporate data is encrypted but open to all so that no-one cares whether it is copied or distributed in any way. Instead of individuals being given the keys to the database, they will be given keys to decrypt only the data that they are allowed to see and since these keys can easily be stored in tamper-resistant hardware (whereas databases can't) the implementation becomes cost-effective. While I was thinking about this, Bob Hettinga reminded me about Peter Wayner's "translucent databases", that build on the Eric's concepts.
Wayner really does end up where a lot of us think databases will be someday, particularly in finance: repositories of data accessible only by digital bearer tokens using various blind signature protocols... and, oddly enough, not because someone or other wants to strike a blow against the empire, but simply because it's safer -- and cheaper -- to do that way.[From Book Review: Peter Wayner's "Translucent Databases"]
There are other kinds of corporate data that it may at first seem need to be secret, but on reflection could be translucent (I'll switch to Peter's word here because it's a much better description of practical implementations). An example might be salaries. Have the payroll encrypted but open, so anyone can access a company's salary data and see what salaries are earned. Publish the key to decrypt the salaries, but not any other data. Now anyone who needs access to salary data (eg, the taxman, pressure groups, potential employees, customers etc) can see it and the relevant company data is transparent to them. One particular category of people who might need access to this data is staff! So, let's say I'm working on a particular project and need access to our salary data because I need to work out the costs of a proposed new business unit. All I need to know is the distribution of salaries: I don't need to know who they belong to. If our payroll data is open, I can get on and use it without having to have CDs of personal data sent through the post, of whatever.
I can see that for many organisations this kind of controlled transparency (ie, translucency) will be a competitive advantage: as an investor, as customer, as a citizen, I would trust these organsations far more than "closed" ones. Why wait for quarterly filings to see how a public company is doing when you could go on the web at any time to see their sales ledger? Why rely on management assurances of cost control when you can see how their purchase ledger is looking (without necessarily seeing what they're buying or who they are buying it from) when you can see it on their web page? Why not check staffing levels and qualifications by accessing the personnel database? Is this any crazier than Blippy?
These are personal opinions and should not be misunderstood as representing the opinions of
Consult Hyperion or any of its clients or suppliers
CommentsCommenting is not available in this channel entry.
The English language version of this work is licensed under Creative Commons Attribution-ShareAlike 3.0 Unported License. If you wish to acquire the rights to make a foreign language translation of the work, please contact Consult Hyperion.
Please note that by replying in this Forum your comments become the property of Consult Hyperion and you assign all rights in your comment to us. Your comments may be edited for length and used online and in print but will always be attributed.
Meet us at:
- May 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- November 2012
- October 2012
- September 2012
- August 2012
- July 2012
- June 2012
- May 2012
- April 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010