Burdens of Proof: Cryptographic Culture and
Evidence Law in the Age of Electronic Documents

Jean-François Blanchette, The MIT Press, 2012
MIT Press / Amazon  / AvaxHome / View inside!

Press and Reviews

Book review,” Jeffrey M. Stanton and Ben Rothke, JASIST, Feb. 26, 2014.
Whither Paper? Enough with simplistic predictions of its demise,” Carlin Romano, The Chronicle of Higher Education Review, Feb. 10, 2014.
Book review,” Richard Fletcher, Science and Technology Studies, Vol. 26/2013, Number 2.
“Book Reports,” Digital Evidence and Electronic Signature Review, no 9(2012):181-182.
Chronique bibliographique,” Stéphanie Lacour, Droit et Société, no 83:228-230.
Book review,” Harry Lewis, ACM SIGACT News, vol. 44(1):19-21.
Book review,” Bob Wiggins, International Journal of Information Management, vol. 33(2):413-415.
Book review,” Jeffrey J. De La Rosa, Wisconsin Lawyer, April 1, 2013.
Book review,” Kasey Duncan, Law Library Journal, vol. 105(1):104-105.
Book review,” Ben Rothke, Slashdot, December 24, 2012.
Legal systems thrived on paper,” Andrew Haesler, New South Wales Law Society Journal, September 2012, p. 82.
Law and Digital Records,” Rick Docksai, The Futurist, September-October 2012 (Vol. 46, No. 5).
Cryptology's Day in Court,” Joanie Harmon, Ampersand (August 13, 2012).
What makes a digital document real?,” IEEE Spectrum Techwise Conversations, hosted by Steven Cherry (August 7, 2012).
New Scholarly Books,” The Chronicle of Higher Education, June 18, 2012.

       
               

As electronic networks become the medium of choice for both business and social interactions, the documents these activities generate have increasingly become electronic. An important legal consequence of this shift is the need to establish the authenticity of the records (emails, web pages, social media activity) submitted by parties in the course of litigation. Yet, these digital traces seem to lack basic guarantees of authorship and fixity that would enable them to perform reliably as documentary evidence.

In the late 1970s, an obscure mathematical discipline had already provided a solution to the issue. Emerging from the shadows of national security agencies, cryptography developed an ambitious social and scientific agenda that would eventually transform it into the Internet's foremost political movement. Cryptographers passionately argued for the rights of ordinary citizens to access powerful cryptographic tools that would guarantee electronic free speech and anonymity. They also proposed to build digital analogues to the paper-based technologies fundamental to the organization of civic life, from anonymous cash to voting ballots and handwritten signatures. Yet, thirty-five years later, the concrete impact of cryptography's innovative socio-technical agenda on the development of the Internet has been disappointingly small.

Based on fieldwork undertaken during the 2000 reform of the rules governing the admissibility of signed documents in French courts, Burdens of Proof is a study of how a mathematical object travelled into the legal world to become a forensic technology, endowed with the power to transform bits into admissible evidence. It is also a study of how digital signatures ultimately failed to become integrated into the fabric of electronic networks and to deliver military-grade authentication to the masses. Burdens of Proof is thus about the promise of cryptography and the lessons that might be learned from its inability to perform. More broadly, it asks, What does it mean to translate paper-based technologies into ones suitable for electronic networks? Where does the dividing line stand between the material and the virtual? What does the limited success of cryptographic technologies reveal about such a divide?

The book explores these questions in the course of seven chapters. Chapter 2, "Communication in the Presence of Adversaries," revisits the history of cryptography through the emergence of major information technologies (book, telegraph, radio, computing devices) so as to illustrate the interplay between cryptographic techniques, their material carriers (paper, electrical current, radio waves, bits) and the means to defeat them. Chapter 3, "On the Brink of a Revolution," recounts the emergence of a cryptographic research community ushered by the publication of Diffie and Hellman's "New Directions in Cryptography," the seminal paper of modern cryptography. The chapter also illustrates how, in seeking to distinguish modern cryptography from the artisanal methods of yore and transform the field into a unique blend of computing and mathematics, cryptographers also adopted the cultural dispositions of these disciplines. In particular, they adopted mathematics' commitment to abstraction and formalism, and computing's commitment to the superiority of a disembodied view of digital information. In chapter 4, "The Equivalent of a Written Signature," I outline the main features of the cryptographic model of signatures, including the forensic services it provides (identification, integrity, non-repudiation) and the taxonomy of attacks to defeat these services. I argue that while mathematization opened new research horizons, it did not provide the cryptographic research community the concepts needed to engage with the representational nature of its models, an absence that has limited the field's capacity for reflexive change and adaptation.

Chapters 5, "Written Proof,'' and 6, "Paper and State," switch the focus to the legal arena and the multi-layered process of translating a cryptographic object into a legally defined one. From the United Nations to the European Commission to the French government, I trace the path of the cryptographic model of handwritten signatures as it makes its way through international, supranational, and national organizations. I then follow the deployment of cryptographic signatures technologies within three French legal professions (notaries, officers of civil status and land register judges) dedicated to the production of important categories of documentary evidence, i.e., real estate contracts, birth certificates, and land titles. Together, the two chapters demonstrate how the evidential qualities of signed documents will ultimately emerge from the reciprocal encounter of abstract mathematical models, technical artifacts, legal rules, and the specific practices of individuals and institutions as they create, exchange, manipulate and evaluate documentary evidence.

In Chapter 7, "The Cryptographic Imagination," I point out how controversies over the "random oracle model" and the emergence of powerful classes of side-channel attacks underline that, unlike mathematical theorems, computers are material technologies. Reviewing various strands of cryptographic research, including visual cryptography and ''kid krypto,'' I explore how memory, perception, cognition, and physical objects can be usefully integrated into cryptographic models, rather than expunged through rigid mathematical abstraction. I conclude Burdens of Proof by reviewing cryptography's recent forays into electronic voting. Given that the same assumptions --- distrust of social institutions, superiority of mathematical proof, and design goals understood to transcend time, space, and culture --- are brought to bear on the process, I argue that similar difficulties are bound to occur and that cryptography's socio-technical agenda might be better served by a greater engagement with the material world.


Endorsements

“Jean-François Blanchette has written more than the history of electronic signatures; this is a masterful account of how---as we enter the digital age---our ideas of authenticity remain solidly anchored in our analog past. What emerges is a gripping tale, untold so far, of high aspirations, dashed hopes, and an epic struggle. Uncovering why and how digital technologies fail to change professions and society, Burdens of Proof is a truly important book.”
-- Viktor Mayer-Schönberger, Oxford Internet Institute

“This book is a wonderful weave of social and technical analysis of the history of cryptography, unified by a passion for exploring the material nature of computers. With grace and wit, Blanchette has produced a work which makes a major contribution to our understanding of complex configurations of the virtual and the real.”
-- Geoffrey C. Bowker, Department of Informatics, University of California, Irvine

“A technology guaranteeing the authority of electronic documents would appear an essential tool of the digital age, which is why there is so much to learn from the failure to develop one. Jean-François Blanchette shows that understanding this failure requires addressing the historical evolution of contemporary cryptography and the legal concerns such a technology raises, together with a fearsome array of contextual issues ranging from state power to the materiality of mathematics. In contrast with the parochialism of much contemporary academia, Blanchette explains these events through an exemplary embrace of the requisite skills of a polymath.”
-- Daniel Miller, Professor of Material Culture, University College London