From: Aviel David Rubin <rubin@citi.umich.edu>
Date: Sun, 5 Dec 93 08:39:44 PST
To: cypherpunks@toad.com
Subject: Re: Anonymous Digicash
Message-ID: <9312051637.AA03926@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Mike Ingle <MIKEINGLE@delphi.com> writes:

> I want to write a simple digicash program. This will use code from PGP
> as much as possible. It will probably be online digicash, but it needs
> strong anonymity. For that you need a blind signature protocol. What is
> the best one, and where can I get a description of it?
> 
> What is the best/simplest digicash system to implement?
> 
> Is it possible to have a partially blind signature? For example, the
> customer generates the cash (random string), blinds it, and sends it
> to the bank. The bank adds an expiration date and signs it. The customer
> unblinds the random string, leaving a signature on both the cash and
> the expiration date.
> 
> --- MikeIngle@delphi.com

Allowing the bank to choose a timestamp opens the door for a
subliminal channel.