1995-10-19 - Re: digital cash and identity disclosure

Header Data

From: tcmay@got.net (Timothy C. May)
To: Bryce <wilcoxb@nag.cs.colorado.edu>
Message Hash: e2eb9286e238574222d2f5ade1d7eea0a14b4fb32f064f6e3acfeb2efa9767c1
Message ID: <acac05c4410210047467@[205.199.118.202]>
Reply To: N/A
UTC Datetime: 1995-10-19 20:49:53 UTC
Raw Date: Thu, 19 Oct 95 13:49:53 PDT

Raw message

From: tcmay@got.net (Timothy C. May)
Date: Thu, 19 Oct 95 13:49:53 PDT
To: Bryce <wilcoxb@nag.cs.colorado.edu>
Subject: Re: digital cash and identity disclosure
Message-ID: <acac05c4410210047467@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 7:48 PM 10/19/95, Bryce wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
> Someone claiming to be the nym calling itself tcmay@got.net (Timothy C.
>May) wrote:
>>
>> As Hal notes, there are a lot of issues and attacks to consider. I'm sorry
>> that my brief section on Chaumian digital cash in the Cyphernomicon doesn't
>> adequately cover the issues (and as the debates here show, confusion still
>> reigns, and no doubt some of my points are misleading, wrong, or
>> incomplete).
>
>
>Boy, if I were you I would want to fix the inadequacy in C'nomicon in
>order to protect my positive rep...

To each their own. There's not enough time in my life to fix all the things
that are wrong, even if I knew what they all were.

My "positive rep," such as it is with certain people, does not depend on
producing flawless documents.

In fact, there are different kinds of people. Some favor "closely reasoned"
arguments (A implies B implies C implies D....), some favor "imaginative
leaps." Where I am depends on my mood.

-
>> it tends to make
>> identity-revealing attacks possible (such as the attack I alluded to, and
>> that Hal more completely describes),
>
>
>I hesitate to pipe up in such august company, but one of us is
>confused.  The attack that we have been discussing is possible because
>Chaumian Ecash allows the payer to identify the payee.  This would be
>true whether or not there were any protocols related to
>double-spending.  (i.e., because the payer knows the actual ID number
>of the bill, she can choose to relate it to the bank and then the bank
>can identify who turns in that bill.  Has nothing to do with
>double-spending.  If the protocol provided for re-blinding before
>depositing the bill then this would not be possible, I think, and
>would still have nothing to do with double-spending.)

Oh, but it does. Suppose Alice pays out the same piece of digital cash to
Bob, Charles, Ellen, Dave, etc. Each thinks they've been paid, each gets to
the bank, each finds the bank will not honor the digital cash, as Alice has
double spent.

(Note: Any schemes for "re-blinding" must still allow "uniqueness"...and
must still point back to Alice. Else the scheme/scam above will work.
Online clearing, in which only the _first_ to present a digital cash claim
gets paid, does not have this problem.)


>Announcement: I'm about to fade out from c'punks list for a while, so
>be sure and Cc: me if you want me to see your post.

I will this time, but people generally should not expect out-of-band cc:ings.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."







Thread