Thank you for the first reasonable reply I've received throughout this thread. You've caught the gist of part of what I'm hoping to illuminate here (which is probably far more important in the larger scheme of things), but you haven't seen the full picture yet. I have a challenge for you. Using your own line of reasoning as a premise to be challenged, can you analyze it from an adversarial perspective and develop a proposal for how additional inferences might be made regarding unique identification of medallions in the event that each medallion has been replaced with an arbitrary token? In your deliberations, please consider every facet of the reported data. It's quite apparent that those who have replied to my comments in this thread either (1) haven't directly considered the data themselves, or (2) lack the insight required to observe relationships between apparently unrelated constructs.

In short, under this challenge, I can deliver ~90% of the medallion identifiers using no external information other than full knowledge of the means by which the original medallions are assigned. Given a tiny parcel of additional correlation, I can hit 100%.

I look forward to your reply. By the way, what do you do for a living at the moment?

The sort of services being offered are easily worth USD $1M/month when you consider who the clients are, the scale of their operations, the degree to which their systems are interconnected with those of other institutions (large and small), and the complexities involved with regulatory/legal/reputation compliance and management. Risk management and threat analysis are not simple subjects.

To put it simply, these aren't your sort of client engagements.

Throughout this conversation, I've been patiently waiting for someone to realize there's a lot more correlating data available in plain sight than anyone is owning up to. Provided that realization is made in the first place, the ensuing thought experiment should rapidly progress through probability, curve fitting, and rote process of elimination in a key space drastically reduced from even the space represented by the raw medallion search space.

If someone else, anyone else, would bother to think about this for a few moments, they might just arrive at a deeply uncomfortable conclusion: some data sets cannot be properly anonymised at all. Put another way, engineering a cryptographic solution in a vacuum is a lot like gasping for breath in outer space: you can perform actions you are utterly convinced are perfectly valid, but owing to context the end result is going to be highly unpleasant.

This is why we can't have nice things, specifically things involving sane public policy regarding privacy. Regardless of how the voting populace and their elected representatives might desire to craft policy in one direction or another, fundamental lack of understanding of the underlying environment and its rules of operation implies a necessary disconnect between intent and outcome.

This is why people need to study formal reference materials and think about things before they make recommendations, and it is why large scale intelligence outfits will continue to trump those under observation. Tunnel vision is a motherfucker.

Minor correction to the above post: "non-uniform" was intended to be "non-entropic." It's late here.

You still don't seem to understand. Maybe it will help you to recall that the input data is thoroughly non-uniform and deterministic in nature. This point was conveyed in the summary, ffs. The anonymization method asserted by msauve and errantly supported by others (yourself included) spectacularly fails to account for this fact, and bears no resemblance whatsoever to a sound OTP implementation. "You're going the wrong direction, shipmate."

I'm rather glad we didn't have folks like you leading the charge at Bletchley Park from 1939 onward, as things might have consequently turned out more poorly for the Allied powers. On the other hand, you would have fit right in keying Enigma machines.

Wow, I got modded "flamebait" for posting factual information. PayPal employees must be scrambling to man their sockpuppet accounts tonight. That's a shame; perhaps treating their customer base with respect and decency might be a better use of their time. I somehow doubt the downmod has anything to do with VPS Tree (the shit VPS provider) though, since they can't even be bothered to maintain a page for their About Us link these days.

You're either a fool or a liar. I've had funds frozen for months by PayPal with no explanation (eventually released with no apology from them), and I've also disputed recurring PayPal charges stemming from a shit VPS provider who had completely ignored several of my attempts to cancel services. In the latter case, PayPal decided to rule in the shit provider's favor anyhow. I walked away from PayPal permanently after finally getting the last of my money out of that account (again, several months later, and I still never got any of the fraudulent VPS fees refunded), and I will never transact business with them again. In fact, since January of 2012 I've continued to receive an email entitled "First Invoice Overdue Notice" from the shit VPS provider every month. Those emails serve as a nice reminder to encourage folks to avoid PayPal at all costs; people continue to use them out of sheer stupidity.

Paypal Policy - A License To Steal Your Money
Funds Stolen By PayPal
PayPal - Beware of PayPal, 6000 USD seized by Paypal
180-Day Hold Sparks PayPal Suit
Paypal Can and Will seize funds...Atwood Knives
Another PayPal victim $4000.00 seized from my business account.
PayPal Horror Stories

If you get bored, try these as well:

Exhibit A
Exhibit B

So, which is it? Are you a liar, or are you a fool?

By the way, thanks for the added laughs per your attempt to reframe this discussion as "anonymising" versus "encrypting." You'd get a few charity points for sophomoric debate tactics if the subject matter were a bit less serious in nature, but that particular bit of commentary is indeed nothing more than a juvenile attempt at diverting attention from the matters at hand. Try again.

Are you confirming shipment of the book (along with a couple of other volumes) to Delft University of Technology in your care? I found it odd that even an undergraduate at such an institution would not already have access to such material, but perhaps all university copies are already on loan to other students. As an aside, you appear to be lacking the capacity to distinguish emphasis borne of extreme frustration from certain pathological afflictions. You should work on that.

You're clearly a fan of "get one key, get 'em all." Who signs your paychecks these days?

Dude, msauve's proposed methodology is indeed tragically flawed, and you clearly haven't read the balance of the posts in this thread. Why are you so resistant to refutation of bad crypto advice? Are you positioned to benefit from deterministic systems which are advertised as cryptographically sound?

You clearly have no idea whatsoever what a one-time pad is. Reference my other comments in this thread for additional hints as to why msauve's error is particularly egregious in this context. Alternately, stay ignorant. Your choice.

I'm sincerely apprehensive about potential outcomes associated with Google becoming a domain registrar, but I'm accepting reversal of the mod points I've expended thus far on this story to strenuously object to to the thoughtcrime-based insinuation made in the following excerpt:

This is the logical equivalent to a forward-looking conviction on the same premises as Glenn Beck Raped and Murdered a Young Girl in 1990.

Completely absent additional information, I'll give you another hint on why deterministic assignment is a very bad choice here, representing a practice in total opposition to OTP: curve fitting. Is this starting to make a little more sense now?

Try again.