Hacker News new | past | comments | ask | show | jobs | submit login
Finger Printing Data [pdf] (iacr.org)
43 points by lainon 10 months ago | hide | past | web | favorite | 5 comments

Is the substantive contribution here establishing a chain of custody from a single signature, rather than a chain of signatures? I only skimmed the paper, but I don't see how it would help us investigate breaches (wouldn't the attacker just remove the signature before publishing the database?) or authenticate based on SSNs (if I wanted to sign SSNs, why wouldn't I use a more conventional approach?).

The naming is unfortunate because "fingerprinting codes" are already a well-studied concept in CS, for a related but apparently different purpose (see e.g. [1]). This paper does not seem to be peer-reviewed or published, and I don't think it explains its goals very clearly.

[1] "Optimal Fingerprinting Codes", Gabor Tardos. https://dl.acm.org/citation.cfm?doid=1346330.1346335

I also don't think it's appropriate for a cryptography paper to cite 4 articles about breaches and 0 articles about signing, and to mention the word "cryptography" 0 times and "signature" once. Seems like the author might realize that there's a body of work on this subject that they should engage with.

> Data, normally, does not contain the information as to how many readers it had, and rarely who was its writer.

It would be cool if the act of reading the paper changed its representation.

This idea is absolute rubbish

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact