The TimeVault electronic document storage system was designed by Dr. David Farber of the University of Pennsylvania. This system is the result of an independent research project developed to test the plausibility of encryption storage. TimeVault provides secure electronic storage for documents using asymmetric-key encryption. TimeVault customers specify the time period of document storage. While in storage, these documents are inaccessible to everyone including thieves, Government and TimeVault employees. Documents released from TimeVault are made accessible to the general public through the World Wide Web or other instructions issued by the customer.
Anyone who needs private, secure document storage is potentially a TimeVault customer. Industries wanting to protect research and development secrets would use TimeVault to securely store these documents. Government espionage agencies like the CIA or FBI could store classified papers safely in TimeVault. On the other hand, someone participating in illegal acts could store documents here privately and anonymously. TimeVault guarantees individual privacy through it's military grade encryption practices. The fact that illegal transactions can be stored safely in TimeVault is a area of great debate.
The development of asymmetric-key encryption technology has raised questions regarding a user's right to privacy. Should TimeVault be required to make decryption keys available to public law enforcement personnel to minimize illegal document storage? Would this infringe on a person's right to privacy guaranteed under the fourth constitutional amendment? Questions like these have spawned a debate regarding the privacy issue. The Clinton administration has drafted a bill called the Clipper-III that deals with the encryption dilemma. The Center For Democracy and Technology had the following to say about Clipper III:
The draft proposal, "Achieving Privacy, Commerce, Security and Public Safety in the Global Information Infrastructure," would establish a new "public key infrastructure" for encryption. Such a public key infrastructure would enable users of encryption to clearly identify the people they are communicating with, and is widely viewed as an important prerequisite for the widespread use of secure electronic communications. However, the Clipper III proposal would establish this infrastructure at a price: All users of the public key infrastructure would have to ensure government access to their encryption keys through an approved key escrow agent.
Should TimeVault and other companies utilizing encryption techniques follow the same guidelines as telephone companies which allow for Government wiretapping? The Global Information Infrastructure must provide answers to these types of questions.
Asymmetric-key encryption technology utilizes two keys placed in escrow. One key is used to encrypt a document and the other to decrypt. A document encrypted with one key can only be decrypted with it's counterpart. Decryption keys are stored at safe institutions such as banks and securities firms worldwide. TimeVault enhances it's document security additionally by fragmenting their decryption keys. As a result, no one institution houses the entire decryption key. A mathematical formula is used to generate fragment sequences which are distributed to safe institutions worldwide. The mathematical formula also guarantees that documents will not be irretrievably lost in the TimeVault system. A lost key fragment can be recalculated using this formula. Documents are decoded on their specified date by recombining key fragments released from safe institutions and applying the decryption key to the document. Key fragments are never released before this date.
TimeVault encrypts documents using the PGP (Pretty Good Privacy) algorithm developed by Philip Zimmermann. PGP has been in use for the last twenty years and is very reliable. "NetGuide" had the following to say about PGP:
There are special programs to crack encrypted e-mail, but PGP is designed so that, by some estimates, a computer using one-billion chips, each far more powerful than any that exist today, would require ten-trillion years to try all possible combinations generated by just one of the encryption algorithms used in PGP. There are other encryption programs available, but as Zimmermann asks rhetorically, "Which has the government most upset?"
PGP is so renowned for it's indecipherable codes that it is illegal to export it out of the United States. The federal government lists PGP as munitions which are prohibited from exportation. This reduces the risk of PGP falling into unfavorable foreign hands. Law enforcement agencies could not decipher e-mail or other terrorist transmissions encrypted by PGP. PGP is available to anyone in the United States by downloading the software from MIT.
Currently, TimeVault transmissions can only be received from UNIX machines. Download and install the software on your UNIX machine. To run the program, type: sh TimeVault, from the TimeVault directory. The submission program will prompt for document information and a credit card number for payment. The cost is $10.95 per kilobyte per year. The submission program will transfer your document via Internet e-mail. If your system does not have PGP installed, encryption will transpire after document transmission. TimeVault can store plain text, word processor, graphics or spreadsheet documents. Please read this disclaimer.
A list of publicly available documents can be viewed here. The following gif file was made available to the general public by TimeVault on January 20, 1996.
TimeVault utilizes state-of-the-art encryption techniques to offer their customers anonymous, safe document storage. Documents stored in TimeVault are encrypted and stored for a customer specified period of time. While in storage, these documents can not be decrypted or read by anyone including Government officials. TimeVault adds an extra measure of security by fragmenting decryption keys which are stored at safe institutions until the document release date. TimeVault offers it's services to anyone on a anonymous level, implying that legal as well as illegal documents can be stored here. New encryption technology has forced the Government to propose new policies regarding access to decryption keys.
Bibliography
TimeVault - Download Page,
http://homepage.seas.upenn.edu/~brianj/TimeVault/download.html, 11/16/96
TimeVault Home Page,
http://homepage.seas.upenn.edu/~brianj/TimeVault/index.html, 11/16/96
PGP- Pretty Good Privacy,
http://arc.unm.edu/~drosoff/pgp/pgp.html, 11/16/96
CDT-Clipper III Analysis,
http://www.cdt.org/crypto/clipper_III/clipper_III_analysis.html, 11/25/96