From: Gary Howland <gary@systemics.com>
Date: Mon, 6 May 1996 00:33:42 +0800
To: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Subject: Re: Kid Gloves or Megaphones
In-Reply-To: <01I4BJ3PYULW8Y53GG@mbcl.rutgers.edu>
Message-ID: <318CAAD4.15FB7483@systemics.com>
MIME-Version: 1.0
Content-Type: text/plain


E. ALLEN SMITH wrote:
> 
> From:   IN%"shamrock@netcom.com" 21-MAR-1996 21:29:06.87
> 
> >It is true that the issuer is unable to discover that double blinding is
> >being used. The real problem with the protocol is that it requires
> >payor/payee collusion, which may make it difficult to execute.
> 
>         Can the payee discover that the payor isn't colluding before the bank
> can figure out who the payee is?
>         -Allen

Of course.  With the modified protocol the payor has no choice in the matter.
It's a case of giving the payor a blinded unsigned coin and demanding he get the bank
to sign it - if he doesn't do this the payee will notice immediately.
Even with payor and bank collusion there is nothing that can be done to identify
the payee.

Gary
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary@systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06