From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Tue, 3 May 94 09:30:25 PDT
To: unicorn@access.digex.net
Subject: Re:  Digital Cash
Message-ID: <9405031629.AA18364@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Black Unicorn <unicorn@access.digex.net> writes:
> So has anyone tried to solve the problem of double spending and
> the online requirement of digital cash?
> Is there any way to take cash offline?  Or is this merely the copy
> protection problem rehashed?

Double spending is one of the main problems digicash systems try to solve,
since digicash can obviously be copied easily.  Online systems make
the double-spending relatively easy to prevent, but, besides inconveniences,
the online transaction has a transaction cost that may make the system
unusable (e.g. a 5 cent telephone message unit costs too much for a newspaper,
though it may be fine for paying for contraband tobacco at $5/pack.)

There are two main approaches to off-line systems that I've seen:

- making the hardware expensive or contractually limited (e.g. subway
farecards, phone cards, postage meters) (It's intellectually unexciting,
but works fine economically for small transactions.)

- using tamperproof trusted hardware that embeds enough information about
its identity in each digicoin that double-spending reveals the identity,
or multiple spending reveals the identity with increasing probability.
Much of this work has been done by Chaum's folks in the Netherlands,
using "observer" smartcards; somebody posted a paper about it on sci.crypt
recently.  It's harder to use these approaches for applications like
emailing credit card numbers, but they're ok for tollbooths.  I worry 
somewhat about the privacy issues - in order for revealing a cheating userid
to be effective, either the bank needs to have a registry of who the user is,
which is a privacy problem for people who really want anonymous money,
or else there needs to be some system for distributing bad userids,
analagous to the inconvenient books of bad credit-card numbers that
small shops used to use before phone verification became widespread.
(Obviously they'd be digital, but I'd rather not have to carry a CDROM
drive or gigabyte hard disk in my wallet...