The concept of tearing a document in half is an age old authentication mechanism. This is where we get the lega terminology "party of the first part" and "party of the second part": a deed to land would be written out by a scrivener in duplicate on parchment, and then the parchment would be cut in half by hand using a scalloped cut. Matching up the halves would authenticate the title of the grantee.
> The term comes from the medieval English "indenture of retainer"[1] — a legal contract written in duplicate on the same sheet, with the copies separated by cutting along a jagged (toothed, hence the term "indenture") line so that the teeth of the two parts could later be refitted to confirm authenticity
> A chirograph is a medieval document, which has been written in duplicate, triplicate or very occasionally quadruplicate (four copies) on a single piece of parchment, with the Latin word chirographum (occasionally replaced by some other term) written across the middle, and then cut through to separate the parts.
I am curious if that is something that is taught at law school or just something that is picked up over time (like anything else related or unrelated to a person's career)? [1]
[1] I am thinking that the vast majority of info that I know about business was not learned in business school.
>this is a great piece of cryptographic engineering: faking a Banksy cert involves matching the tear precisely, and also requires that a would-be counterfeiter know what was written on the other half of the note, which is stored at Pest Control and is not made available.
1. Is a piece of paper torn in half really cryptography? Wikipedia says:
>Cryptography or cryptology is the practice and study of techniques for secure communication in the presence of third parties called adversaries
I don't see how this is any different than any other anti-counterfeiting schemes that uses a hard to duplicate physical object.
2. I get how the tear might be used for authentication purposes (hard to duplicate), but what's the point of validating the contents on the other half of the note? If you matched the public half the note exactly, it's not like the private half will help you authenticate it.
> 1. Is a piece of paper torn in half really cryptography?
The "crypt" in "cryptography" means "hidden" (e.g. we hide dead bodies away in a "crypt"). Certainly if you don't know what's on the other side it
s literally hidden from you.
The tear itself is a key. Depending on your level of technology you could make a matching part by inspection of the part you have, but consider the tearing a somewhat random process given the influence of the medium (paper money will be more random than polymer). It's a quick way to exclude candidates for the match.
The actual authentication then is through the completion of the text which is presumably a harder problem. You could make some text that matches, but it's presumably hard -- not perhaps has hard as finding a hash collision.
The key part here seems to be protection against all kinds of message interception attacks - if I listen in on the conversation and hear that the code is 12345678, then I can't easily create a dollar bill with that code on it, and probably even the FBI can't do it quickly enough for it to be useful.
Yeah, I think the thing that confused me originally is that the headline talks about the serial numbers as "random keys", which to me implied something related to requiring the properties of randomness (e.g. evenly distributed).
But they're not random keys at all, they're just guaranteed to be unique. Uniqueness and randomness are totally different aspects, one that often trips up some developers who think that UUIDs (which are guaranteed to be unique) are also guaranteed to be random (not necessarily).
That sentence is an oxymoron. They are called "serial" numbers because they are applied in series, i.e. one right after the other.
The randomness is not important. The person setting up the drop already has the dollar bill in hand. The important thing is that the bill can't be duplicated.
I don't think that the system would suffer much if someone was using a stack of fresh dollar bills where the serial numbers are in order. Randomness doesn't hurt, but for the main threat models they expect (presenting a fake token, repudiation that they didn't receive the goods, etc) it's not stricly necessary.
The DEA could hypothetically ask the treasury to reprint a note with a particular serial number, given enough time. So random selection is an important property.
How many drops tried to claim they didn't get any money or that the courier forged a receipt before they invented physical nonrepudiation?
And it's nonrepudiation without identity, the identifying info is destroyed in the transaction.
The courier could just take a cell phone photo of the drop, but no one wants that evidence trail. One time use serials are perfect.
And despite some characterizations, seems to me like uniqueness is more important than randomness here, which is good, because serial numbers are better at that.
You could generate a key that way, but then we'd expect pre-distribution of each side. That would help confirm identities to both sides - if the courier and drop don't know each other, they just match the bill halves before dealing. As I understand it though, they're tearing on site.
So I think they're mainly trying to prevent the drop from stealing the money (claiming the courier never showed), and prevent the courier from stealing the money (claiming the drop has it). If C steals, D can now say, "I still have the Boss's whole dollar, why didn't C come take it?" If D steals, C can say "I have part of the dollar, proving delivery."
The boss is also trying to simplify this protocol, make sure low level drug offenders don't have to do a complex ledger entry during the commission of a major crime.
The tear might be purely symbolic, to make it look more symmetric to both parties, who may or may not have read Schneier.
Or... the tear could be preventing the D from ambushing C during the exit. Once the bill is torn, it would be hard to claim the courier never showed, even if they could get both parts of it back.
Sorry for only now replying to this, but are you saying basically the tear itself isn't actually that valuable in this process? That proving that your half matches up with the other half of the bill isn't important at all?
I see what you're saying otherwise, and it's not like I can really think of a specific situation where re-joining the dollar would be important, but I am curious if you've got any thoughts on how that might be useful, if at all.
My guess is that a lot more is involved. IMO the dollar bill thing is just one of the pieces, cartels will not hand $100 Million to strangers based on just one piece of info. This is probably to rule out someone denying drugs got delivered. But enforcement is still the best tool
So a dollar bill is an inexpensive (on the scale of crime) sheet of paper pre-printed with a unique number that's somewhat difficult to forge. If you rip it up, that number won't be used again.
How are they making use of this feature set? I'd like to see a diagram with arrows and stuff.
Took me a bit to understand, courier doesn't have the bill, the drop does.
Boss: "Courier, deliver this money to <address>, code is 12345678"
Courier: at <address>, "Hey Drop, what is the code?"
Drop: "Code is 12345678"
Courier: "That's correct, Here's you're money"
Drop: Tears bill in half and hands part with serial number to Courier as proof
Is this really that surprising? Having more than roughly $10,000 cash in the US is nearly illegal, in that you're guilty until proven innocent and the police can just take it until you prove that it was obtained legally. You may not be charged with a crime, but you're still going to lose the money. The courts are slowly inching away from this unconstitutional insanity, but a duffel bag of cash is still going to end up turning into a new Hummer for whatever local police squad finds it.
Hah. So years back, I was going to buy a car. Went to the bank and they wanted (what I considered to be) a ridiculous service fee for a cashiers check. Fine... I'll take cash from my account! Ah, need a couple days to do that sort of thing... I, was miffed and stubborn as hell... so I did just that. Came back, got fingerprinted, and picked up my pile of cash to go buy the two year old 996.
The dealership, when time came to close, absolutely freaked when I pulled out the cash. Another set of IRS forms... and sorted it after several phone calls.
People here show concern over digital privacy and net neutrality etcetera but that's just tightening the noose, because apparently they've already put one on the bare basics.
> Having more than roughly $10,000 cash in the US is nearly illegal
Where are you getting that from? [1] There is nothing even close to being illegal to possess in the US any amount of cash. There are laws to prevent illegal activity and against structuring (attempting to deposit below some limit to avoid disclosure).
Now to what appears to be your point having $100,000 in cash in open display in your car when you are stopped by the police will definitely raise suspicions. But then again so will many other things that are not illegal but might raise suspicions depending on the context of where they appear. (Walk into a bank with a toy pistol vs. walk around your friends backyard with a toy pistol).
[1] And what is 'nearly illegal' is that like 'nearly pregnant' (the classical example actually 'pregnant' or 'not').
It's pretty easy to become a suspect for walking while black, smelling like marijuana, resisting arrest, driving suspiciously, having a dog respond to you…
Has anyone ever just withdrawn cash from their bank account that was obviously from a legitimate source and had it seized by police and not been able to get it back?
Because the way people talk about civil forfeiture is as though this happens all the time, but ostensibly there's not supposed to be a problem if the cash is traceable.
Stories about civil forfeiture abuses that I've read don't delve into whether the victim actually was able to prove the source of the money in a normal way.
I think the civil forfeiture cases involve what sounds like a contradiction: people who are relatively poor with a large sum of cash.
The problem is that this cash is essentially their entire savings. Which means their ability to fight the forfeiture is limited, and the arresting police can infer that. Rich people tend not to need to have even that amount of cash: they can take advantage of the normal banking system to transfer money. And if they were stopped, it's easy to infer that someone is at least rich enough to quickly hire good lawyers to fight the seizure.
However, with that said, I think caymanjim was being intentionally unspecific to prove a point. It's not against the written laws to have large sums of cash. But if such cash represents most of your wealth, and you're transporting it across certain areas, you're at the mercy of various law enforcement who may overstep their actual authority.
A tangent, but why can’t a “poor” person with $10,000 use banks? I am unaware of any income requirement to open a bank account. In many states, even illegal aliens can’t open bank accounts. I’m not sure I understand why the poor can’t use banks. I was poor once with credit in the low 500s and I’ve always had bank accounts.
They can. Why they are less likely to is, I believe, an area of active study. A 2017 study by the Federal Deposit Insurance Corporation cites the two main reasons as trust and fees (page 4): https://www.fdic.gov/householdsurvey/2017/2017execsumm.pdf
Most physical banks charge you fees for having a checking account, fees for overdrafting, etc. If you don't pay one of those you can be banned from banking by Chexsystems.
Do you really think most banks charge monthly fees for having a checking account?
I just checked and the bank I had an account with for many years requires $50 deposited to open an account and no minimum balance or monthly fee, includes free checks and debit card.
The credit union I use now has no minimum balance, no monthly fee, and no fee for writing checks. You have to deposit $1 for a share of the credit union, which you get back if you close your account.
My impression is these days they are making over 2% on deposits absolutely risk free, so they better not charge anything.
Yes, any big bank with a lot of branches absolutely charges you. It's very easy to get deals like online banks (more reliable than credit unions BTW) but those don't provide services like depositing cash some people need.
I wasn't talking about online banks, which I know nothing about. I was talking about ordinary everyday banks and credit unions, which allow you to withdraw money from shared networks[1] of ATMs nationwide for free. Like, this is a thing, you don't have to have $20,000 in a Bank of America account to get free checking and you don't need a nationwide branded ATM/branch network. You don't have to have direct deposit either. Or be white. I've literally been in banks and have seen with my own eyes how it works.
Requiring $50 in the account or $10 a month deposits to avoid the fee is still too much. Large overdrafts are also too much. The thing about poor people is they don’t have any money.
"The problem is that this cash is essentially their
entire savings. Which means their ability to fight the forfeiture is limited"
You're implying that people with reasonable documentation for the source of their cash can't just fill out some forms, but need to hire lawyers or something. Have you seen news articles or other sources describing such a situation?
I think the problem is that poor people transferring money typically don't have such documentation on them. (As was the case in the situations I just googled, which are easy to find. For example: https://www.vox.com/2015/6/17/8792623/civil-forfeiture-charl...) Most such seizures are also tied up with "suspicion" of drug trafficking, which means it's no longer a matter of proving the money is yours. You must now prove the money is not involved in your supposed drug trafficking.
All the high denomination notes (~80% of circulating currency) were demonetized in India on 8th November 2016. So all the money in the safe had to be taken to the bank to be exchanged.
And then taking out more than a limit of cash is a very lengthy process now.
So yes, it's not illegal to store cash but it's very difficult. And doing cash transactions above a certain limit are illegal.
Why? Because many business people in India don't pay taxes.
I'm not up to date on the issue but India had an issue with black money and people hoarding cash without reporting the income. The laws were passed to combat that IIRC.
Ensuring the code isn't reused, to put in a ledger, to avoid some kind of replay attack, having someone pretend to be the courier and get the key to then replay to the real courier. Dunno, probably many many things avoided by making the key not usable but still verifiable.
I can think of only one scenario when it would make sense to destroy the bill - if the Drop is still able to present the whole bill after the Courier says they delivered the package, that is a proof the Courier is lying or got played and didn't verify the code. Drop is the one who has motivation to keep the bill intact, Courier uses the bill as proof of delivery, and cuts it in half just to be safe that someone from the Drop won't stop them at gunpoint after the delivery, stealing the whole bill.
I'm not sure the drop retains half the serial number? GP claims the drop rips the bill in half, and hands the part with the (full, I seem to recall US dollar bills have the serial number on the bottom left) serial number to the courier. The courier can prove they delivered to the right drop, and the bill being ripped in half will ensure it won't be used again.
> I seem to recall US dollar bills have the serial number on the bottom left
Our money (US Currency) has two (of the same) serial numbers on each bill; one on the lower left and one on the upper right for dollar bills. Other denominations also have two; one on each side of the front of the bill, however they are in opposite places i.e. upper left, and lower right--at least the current bills in my wallet are that way.
In a criminal organization security and accountability are a more complex topic, but I would say that this way the one serial number the drop keep is a proof of identity, while the serial number the courier keep is a receipt.
But they can't use that specific one again, it doesn't matter if they take the bill to a bank and get new ones, because the serial numbers won't be the same.
It's actually pretty cool. So for starters there's disambiguation since all serials are unique, you won't have carriers knowingly delivering to the wrong drop assuming the drop keeps possession of the bill since it's globally unique. You have some plausible deniability if found, "it's just money in my wallet, picked up at mcdonalds" and it's easy to hide/dispose of. If you're really smart you could also list a handful of possible serials for extra plausible deniability and hold/disperse the others such that the mechanism is still very likely to work due to the difficulty of finding a particular bill in circulation. Even when caught you may have some additional protection when the goods being immediately exchanged are otherwise legal, legal in the absence of money changing hands or difficult to establish in the absence of money or another component.
Assuming the actual transaction is reasonably atomic, which it should be unless there's a fight or something, the the carrier can always prove that they delivered to the correct drop if they have a physical copy of the agreed upon serial while the drop can prove that they didn't receive a delivery if they can reproduce an undamaged copy of the whole bill. The ripping of the bill itself could plausibly serve as a step in a multi step process where the carrier may demand that the bill be ripped after the serial and goods are confirmed but before not yet exchanged so that the drop can't claim that a delivery was not at least attempted on the part of the courier. We could also do it with two bills, one from each party such that each party can have some proof that a transaction was or wasn't completed and with the right party in the case of a double exchange.
The upfront cost of forging passable $1 bills is too high to be economical to pull off just for these low volume transactions, especially after the logistical cost of injecting the bills or otherwise tricking someone to using a fake as well as keeping a copy on hand but even if you achieved that. You'd also have to contend with the fed's coming after you for forging currency if the bills you distributed ever got into public circulation in any significant quantity so it should be pretty secure as long as they're sourced from a fairly high volume location like mcdonalds or something.
The entropy might be somewhat useful too in bookkeeping like maybe using only bills ending with a 0 are for small cash transactions, 1 for large cash transactions, 2 is for drugs A, 3 for drug B etc... Entropy might be important but there are much easier sources.
I can’t find any direct evidence now, but I remember hearing (probably in the 80’s) that one of the ideas suggested for assigning Ethernet MAC addresses was to use dollar bill serial numbers, to avoid having to set up and run a central registry forever. However, it’s technically illegal to destroy currency and the cost of $1 per address would eventually become uneconomic.
Angadiya ( havala ) or cash transfer has been done like this since ages, and most of them are from not so educated background, but very rich doing this. Interesting thing is when Bitcoin was at its pick, they adopted Bitcoin as a currency transaction quite quickly.
I'd love to see a detailed list of the features of this dollar exchange system that make it preferable to any of the relevant software systems currently in existence.
My guess is that such a list can generalize to HCI and help reveal some of the garbage assumptions behind a lot of common software (esp. cryptography-related software).
you have enough drugs on you to land you in jail for multiple decades. you're scheduled to exchange them for cash with some unknown person. you meet the person, but how do you know it's really the person or the police or an unauthorized buyer? Well, your boss tells you the buyer will have a dollar bill with serial number 123-XYZ. You meet up, he produces the bill with correct serial, so you commence business.
And after the drop-off, the courier retains half of the bill w/ a serial # as proof that the delivery did occur. This prevents the buyer from later claiming "the delivery never occurred, the courier must have stolen the drugs/contraband". If that claim is made, the courier can produce the note as proof of delivery.
It would seem so, with a trusted fourth party (the US treasury) acting as the RNG.
But after the initial exchange, another random element is generated: the bill is torn in half, so if you want to forge your part, you'll have to tear it in just the right way to match the other part. This is probably going to be even more difficult than forging dollar bills in the first place.
Just getting the information to forge half the bill is hard enough: Either you have the original, in which case you don't need to fake it, or you have the other half, in which case you've already compromised the bad guy.
Not for the Treasury, who issues coins but not bills, but for the Fed. Every bill is a liability on the Federal Reserve’s balance sheet. Destroy the bill, destroy the liability. That the Fed doesn’t know you destroyed it [0] is irrelevant.
If you destroyed a coin that would be a “gift” to the Treasury, except the metal and cost of production to replace the coin might be larger than the worth of the coin (I.e. you destroy an old copper cent)
[0] dollar bills circulate like mad and are accounted for every time a bank gets a hold of them (often, due to vending machines, strippers, and diner waitresses). If a bill stops showing up, you can assign a high degree of probability that it will never show up again. Every one bill is probably long tailed, but money is fungible, so who cares if any one bill ends up re-appearing?
How is it a gift to the government? The undamaged dollar isn't a liability of the government. It's a gift to everyone who holds USD by virtue of slightly reducing the money supply, therefore slightly increasing the purchasing power of the dollars that still exist.
A gift in the amount of $1 divided by the total number of dollars.
Outstanding currency is a liability on the balance sheet of the issuer. The trick with issuing fiat currency is that you can redeem that liability with another, just the same.
The parent is wrong that it's a gift of $1 to the Treasury.
It is a gift to the government however, as you note in your own explanation. It just increased the government's USD purchasing power. The US Government is an epic scale spender of USD (millions of employees, $4.x trillion budget).
In other words, the best delivery receipt is still a bounty on your head--and entire family line--if you try to get cute. But this serves to identify the "cowboys"
https://boingboing.net/2019/03/31/di-faced-note.html