
Drug cartels use dollar bill serial numbers as random keys for delivery receipts - dskrvk
https://twitter.com/arawnsley/status/1151849118790246402
======
carrozo
Banksy uses a similar system to authenticate his work:

[https://boingboing.net/2019/03/31/di-faced-note.html](https://boingboing.net/2019/03/31/di-faced-note.html)

~~~
ChinoD
The concept of tearing a document in half is an age-old authentication
mechanism. This is where we get the legal terminology "party of the first part"
and "party of the second part": a deed to land would be written out by a
scrivener in duplicate on parchment, and then the parchment would be cut in
half by hand using a scalloped cut. Matching up the halves would authenticate
the title of the grantee.

~~~
jbverschoor
Or you have a stock market. Where you break a stick (Dutch: stok) in half and
match pairs

~~~
dredmorbius
Similarly, tally sticks.

Responsible for the 1834 burning of Parliament:

[https://addiator.blogspot.com/2011/05/tally-sticks-and-burni...](https://addiator.blogspot.com/2011/05/tally-sticks-and-burning-of-parliament.html)

------
PeterisP
The key part here seems to be protection against all kinds of message
interception attacks - if I listen in on the conversation and hear that the
code is 12345678, then I can't easily create a dollar bill with that code on
it, and probably even the FBI can't do it quickly enough for it to be useful.

~~~
hn_throwaway_99
Yeah, I think the thing that confused me originally is that the headline talks
about the serial numbers as "random keys", which to me implied something
related to requiring the properties of randomness (e.g. evenly distributed).

But they're not random keys at all, they're just guaranteed to be unique.
Uniqueness and randomness are totally different aspects, one that often trips
up some developers who think that UUIDs (which are guaranteed to be unique)
are also guaranteed to be random (not necessarily).
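
The distinction drawn in the comment above, as an added example that is not part of the original thread: a version-1 UUID is unique but assembled from a timestamp, a clock sequence and a node value, so anyone who has seen one can rebuild the next, while a code that must be unguessable should come from a CSPRNG. `NODE`, `CLOCK_SEQ` and the function names are constructed for the illustration.

```python
import secrets
import uuid

# Constructed inputs: fixed node (MAC-like value) and clock sequence so the
# demonstration is reproducible; a real host supplies its own.
NODE = 0x02005E105301
CLOCK_SEQ = 0x1234


def issue_v1():
    """Issue a time-based (version 1) UUID: unique, but built from
    timestamp + clock sequence + node rather than from random bits."""
    return uuid.uuid1(node=NODE, clock_seq=CLOCK_SEQ)


def rebuild_v1(observed, ticks_later):
    """Reconstruct the v1 UUID the same generator emits `ticks_later`
    100 ns ticks after `observed`. Nothing secret is needed: the node and
    clock sequence are copied from the observed value."""
    t = observed.time + ticks_later
    return uuid.UUID(fields=(
        t & 0xFFFFFFFF,                             # time_low
        (t >> 32) & 0xFFFF,                         # time_mid
        ((t >> 48) & 0x0FFF) | 0x1000,              # time_hi + version 1
        ((observed.clock_seq >> 8) & 0x3F) | 0x80,  # clock_seq_hi + variant
        observed.clock_seq & 0xFF,                  # clock_seq_low
        observed.node,
    ))


def issue_secret_code():
    """128 bits from the OS CSPRNG: the choice when a value must be
    unguessable, not merely unique."""
    return secrets.token_hex(16)


if __name__ == "__main__":
    first, second = issue_v1(), issue_v1()
    gap = second.time - first.time
    print(first, second, sep="\n")
    print("ticks apart:", gap, "| rebuilt OK:", rebuild_v1(first, gap) == second)
    print("secret code:", issue_secret_code())
```

The only unknown between two consecutive v1 values is the number of 100 ns ticks that elapsed, which is a far smaller search space than 128 random bits.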

~~~
fisherjeff
But the randomness of the serial numbers is very important here too: If
someone could predict upcoming keys, the system could be broken.

~~~
hn_throwaway_99
> But the randomness of the serial numbers...

That sentence is an oxymoron. They are called "serial" numbers because they
are applied in series, i.e. one right after the other.

The randomness is not important. The person setting up the drop already has
the dollar bill in hand. The important thing is that the bill can't be
duplicated.

~~~
nieve
A random selection from a set of in-series numbers is still random, it's just
got a potentially known range.

------
brownbat
How many drops tried to claim they didn't get any money or that the courier
forged a receipt before they invented physical nonrepudiation?

And it's nonrepudiation without identity, the identifying info is destroyed in
the transaction.

The courier could just take a cell phone photo of the drop, but no one wants
that evidence trail. One time use serials are perfect.

And despite some characterizations, seems to me like uniqueness is more
important than randomness here, which is good, because serial numbers are
better at that.

~~~
diminoten
The randomness is generated by the tear of the dollar itself, isn't it?

~~~
brownbat
You could generate a key that way, but then we'd expect pre-distribution of
each side. That would help confirm identities to both sides - if the courier
and drop don't know each other, they just match the bill halves before
dealing. As I understand it though, they're tearing on site.

So I think they're mainly trying to prevent the drop from stealing the money
(claiming the courier never showed), and prevent the courier from stealing the
money (claiming the drop has it). If C steals, D can now say, "I still have
the Boss's whole dollar, why didn't C come take it?" If D steals, C can say "I
have part of the dollar, proving delivery."

The boss is also trying to simplify this protocol, make sure low level drug
offenders don't have to do a complex ledger entry during the commission of a
major crime.

The tear might be purely symbolic, to make it look more symmetric to both
parties, who may or may not have read Schneier.

Or... the tear could be preventing the D from ambushing C during the exit.
Once the bill is torn, it would be hard to claim the courier never showed,
even if they could get both parts of it back.

~~~
diminoten
Sorry for only now replying to this, but are you saying basically the tear
itself isn't actually that valuable in this process? That proving that _your_
half matches up with the _other_ half of the bill isn't important at all?

I see what you're saying otherwise, and it's not like I can really think of a
specific situation where re-joining the dollar would be important, but I am
curious if you've got any thoughts on how that might be useful, if at all.

------
p1mrx
So a dollar bill is an inexpensive (on the scale of crime) sheet of paper pre-
printed with a unique number that's somewhat difficult to forge. If you rip it
up, that number won't be used again.

How are they making use of this feature set? I'd like to see a diagram with
arrows and stuff.

~~~
bproctor
Took me a bit to understand, courier doesn't have the bill, the drop does.

Boss: "Courier, deliver this money to <address>, code is 12345678"

Courier: at <address>, "Hey Drop, what is the code?"

Drop: "Code is 12345678"

Courier: "That's correct, Here's your money"

Drop: Tears bill in half and hands part with serial number to Courier as proof

~~~
cpeterso
Why would the Drop need to retain half the serial number? They have received
the goods.

~~~
bartwe
Ensuring the code isn't reused, to put in a ledger, to avoid some kind of
replay attack, having someone pretend to be the courier and get the key to
then replay to the real courier. Dunno, probably many many things avoided by
making the key not usable but still verifiable.

~~~
trickstra
I can think of only one scenario when it would make sense to destroy the bill
- if the Drop is still able to present the whole bill after the Courier says
they delivered the package, that is a proof the Courier is lying or got played
and didn't verify the code. Drop is the one who has motivation to keep the
bill intact, Courier uses the bill as proof of delivery, and cuts it in half
just to be safe that someone from the Drop won't stop them at gunpoint after
the delivery, stealing the whole bill.

------
wrs
I can’t find any direct evidence now, but I remember hearing (probably in the
80’s) that one of the ideas suggested for assigning Ethernet MAC addresses was
to use dollar bill serial numbers, to avoid having to set up and run a central
registry forever. However, it’s technically illegal to destroy currency and
the cost of $1 per address would eventually become uneconomic.

------
dpacmittal
This has been done in India since forever.

~~~
iamgopal
Angadiya (havala) or cash transfer has been done like this since ages, and
most of them are from not so educated background, but very rich doing this.
Interesting thing is when Bitcoin was at its peak, they adopted Bitcoin as a
currency transaction quite quickly.

------
jancsika
I'd love to see a detailed list of the features of this dollar exchange system
that make it preferable to any of the relevant software systems currently in
existence.

My guess is that such a list can generalize to HCI and help reveal some of the
garbage assumptions behind a lot of common software (esp. cryptography-related
software).

------
mysterypie
Anyone know what document the article is quoting? And what does DTMLO stand
for? My web searches revealed nothing.

~~~
hcs
I'm guessing Drug Trafficking/Money Laundering Organization.

Yup, looks like it's more commonly written DTO/MLO.

------
eb0la
Back in college we used as random seeds the first word and page number of a
dictionary someone left behind long ago....

SSL certificate passwords were easy to remember as long as nobody removed the
bookmark on that useless dictionary.

------
lrem
As portrayed in the 1997 Polish comedy Killer.

------
mongol
I don't understand...

~~~
JudgeWapner
you have enough drugs on you to land you in jail for multiple decades. you're
scheduled to exchange them for cash with some unknown person. you meet the
person, but how do you know it's really the person or the police or an
unauthorized buyer? Well, your boss tells you the buyer will have a dollar
bill with serial number 123-XYZ. You meet up, he produces the bill with
correct serial, so you commence business.

~~~
zrobotics
And after the drop-off, the courier retains half of the bill w/ a serial # as
proof that the delivery did occur. This prevents the buyer from later claiming
"the delivery never occurred, the courier must have stolen the
drugs/contraband". If that claim is made, the courier can produce the note as
proof of delivery.

------
gcb0
So it is just a way to pick a (random) number that will be shared and compared
between three parties?

~~~
kijin
It would seem so, with a trusted fourth party (the US treasury) acting as the
RNG.

But after the initial exchange, another random element is generated: the bill
is torn in half, so if you want to forge your part, you'll have to tear it in
just the right way to match the other part. This is probably going to be even
more difficult than forging dollar bills in the first place.

~~~
13of40
Just getting the information to forge half the bill is hard enough: Either you
have the original, in which case you don't need to fake it, or you have the
other half, in which case you've already compromised the bad guy.

~~~
dhdidhdu
Not for the Treasury, who issues coins but not bills, but for the Fed. Every
bill is a liability on the Federal Reserve’s balance sheet. Destroy the bill,
destroy the liability. That the Fed doesn’t know you destroyed it [0] is
irrelevant.

If you destroyed a coin that would be a “gift” to the Treasury, except the
metal and cost of production to replace the coin might be larger than the
worth of the coin (i.e. you destroy an old copper cent)

[0] dollar bills circulate like mad and are accounted for every time a bank
gets a hold of them (often, due to vending machines, strippers, and diner
waitresses). If a bill stops showing up, you can assign a high degree of
probability that it will never show up again. Every one bill is probably long
tailed, but money is fungible, so who cares if any one bill ends up re-
appearing?

~~~
anticensor
In high-inflation economies like Turkey, they do full emission replacements
periodically to avoid the disappeared currency issue.

> Destroy the bill, destroy the liability

Except it is illegal to randomly destroy a banknote (coins are different).

~~~
crankylinuxuser
> Except it is illegal to randomly destroy a banknote (coins are different).

We're talking about drug dealers and other major crime perpetrators... And
you're thinking they care about the crime of 'destroying a bank note'?

I think it'd be safe to chalk that up to "I don't think they care".

------
onetimemanytime
In other words, the best delivery receipt is still a bounty on your head--and
entire family line--if you try to get cute. But this serves to identify the
"cowboys"

~~~
Fjolsvith
It keeps the honest criminals honest.

