chaum@mcvax.cwi.nl (David Chaum) (04/20/87)
Around Christmas before last I was quite surprised to learn that most paper letters in the U.S. go through one of a hundred or so giant machines that try to automatically read the last line of the address and translate this to a bar code, which is printed on the envelopes before they are deposited in appropriate bins. It occurred to me that extension of such techniques might have serious implications, since in the U.S. there are no laws limiting the postal service in its use of information written on the outside of envelopes. In fact, manual recording of such information by the postal service on all mail sent or received by certain individuals targeted by government agencies, an activity called a "mail cover," apparently has been quite widespread. Of course with computerized reading of complete addresses on a mass basis, paper mail might also be subject to covert and possibly retroactive traffic analysis, and even to further inferences based on patterns of associations and timing.

A possible solution to the problem occurred to me then. The idea is just a straightforward adaptation of the blind signature payment system already published (CACM Oct. 85). The mailer uses say a dot matrix to print an electronic bank note on each envelope; when the envelope is processed by the post office, the bank note is read and verified. Just as in the basic untraceable payment system, the payers (mailers) use their own computers to obtain the signed blinded notes from the bank (post office); these computers then check, unblind, and store the notes; and ultimately the notes are provided as a form of payment (printed on envelopes). When the signed note numbers are received by the payee/bank (post office), in addition to the checking of their digital signatures, they are checked against a list of already spent numbers and are rejected if they already appear on the list.
Return addresses need not even appear on envelopes, but the electronic note could be extended with a machine readable indication of the zip code to which its letter should be delivered. If a piece of mail turns out to be undeliverable, part of the electronic bank note printed on it is published, which should give the sender the opportunity to resend or reclaim it.

In the last year or so, the U.S. Postal Service has been trying to do away with postal meters by allowing a new way to pay for mail. This involves delivery to the post office of a computer generated "manifest" document indicating the number of pieces of each weight and class along with a floppy disc containing a complete list of the addresses of each piece of mail. It seems to me that such manifests: give the advantages of computerization to big organizations at the expense of small ones and individuals; give significant data to the postal service already in computer readable form; and open the possibility of corruption in accepting large shipments of mail without proper inspection or charging. The alternative proposed above, blind signature stamps, on the other hand, seems to solve these problems and reduce the need for optical character recognition applied to addresses on letters.
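The note-issuing, spending and spent-list checking described above, worked through as an added example that is not part of the original post, using RSA blind signatures (blind, sign, unblind, verify, then reject reused note numbers); the toy key size, the stamp format with a zip code field, and the class names are my own assumptions.

```python
import hashlib, math, secrets

# Toy RSA key for the post office (the "bank"). Primes constructed for this
# example only; real postage would need a modulus of 2048 bits or more.
P, Q = 1299709, 15485863
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))

def note_digest(serial: bytes) -> int:
    # Full-domain hash of the note number into the RSA domain (toy size).
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N

class Mailer:
    """The payer: blinds a note number, has it signed, unblinds and stores it."""
    def __init__(self):
        self.wallet = []

    def request_note(self, post_office):
        serial = secrets.token_bytes(16)  # the note number
        r = secrets.randbelow(N - 2) + 2  # blinding factor, must be coprime with N
        while math.gcd(r, N) != 1:
            r = secrets.randbelow(N - 2) + 2
        blinded = (note_digest(serial) * pow(r, E, N)) % N
        blind_sig = post_office.sign_blinded(blinded)  # = m^d * r mod N
        sig = (blind_sig * pow(r, -1, N)) % N  # unblind: now m^d mod N
        assert pow(sig, E, N) == note_digest(serial)  # check before storing
        self.wallet.append((serial, sig))

    def stamp(self, zip_code: str) -> str:
        """Spend a note: the machine-readable line printed on the envelope."""
        serial, sig = self.wallet.pop()
        return f"{serial.hex()}:{sig}:{zip_code}"

class PostOffice:
    def __init__(self):
        self.spent = set()  # note numbers already accepted

    def sign_blinded(self, blinded: int) -> int:
        # Signs without seeing the note number; a real system debits the account.
        return pow(blinded, D, N)

    def accept(self, stamp: str) -> bool:
        """Verify the signature, then reject any note number seen before."""
        serial_hex, sig_text, _zip_code = stamp.split(":")
        serial, sig = bytes.fromhex(serial_hex), int(sig_text)
        if pow(sig, E, N) != note_digest(serial) or serial in self.spent:
            return False
        self.spent.add(serial)
        return True
```

The post office never sees the note number at signing time, only the blinded value, so it cannot later link an envelope to the account that paid for it; the spent set is what stops a photocopied stamp from being accepted twice.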