From: ichudov@algebra.com
Date: Sun, 16 Feb 1997 14:41:27 -0800 (PST)
To: Sean Roach <roach_s@alph.swosu.edu>
Subject: Re: Excerpt on SPAM from Edupage, 11 February 1997
Message-ID: <199702162241.OAA04949@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Sean Roach wrote:
> 
> At 04:45 PM 2/15/97 -0600, Igor Chudov wrote:
> >Roy M. Silvernail wrote:
> ...
> >> Or that the money wasn't there in the first place (absent a trusted
> >> signature system), or the key doesn't exist, or the wrong key is
> >> offered, or the sender put the same e-dollar on all 60000 mails sie
> >> sent and it's already been redeemed.
> >
> >Well, if the trusted party performs the encryption by both recipient's
> >public key and the "retrieval key", the problem that you mention can 
> >be avoided.
> Yeah.  I as a spam artist send the "proof" message through the e-cash
> verification center with the Send To: field returning it to a mail exploder.
> Each receipient gets the same dollar.
> This assumes that the To: field is not hashed into the verification
> signature, and that the verification works like a glorified remailer.  (cash
> added on a separate channel).
> 

Sean,

No, it works the other way. The verification center gets $1000, creates
1000 $1 coins, signs them and encrypts each with the given recipients' 
public keys.

The spammers gets these signed and encrypted coins, may superencrypt
them and sends them to the recipients.

As long as the trusted party is honest, there is no way to cheat.

	- Igor.