From: jim@bilbo.suite.com (Jim Miller)
Date: Fri, 19 Nov 93 16:56:59 PST
To: cypherpunks@toad.com
Subject: Re: All our eggs in one basket?
Message-ID: <9311200054.AA13432@bilbo.suite.com>
MIME-Version: 1.0
Content-Type: text/plain



Eric Hughes writes

> > Jim Miller writes
> >
> >If I failed to reply with a signed receipt, the bank could invalidate the  

> >digital coin.  

> 

> Unfortunately for this idea, when the bank uses a blind signature to
> issue coins, it doesn't know what coin it just issued actually looks
> like.  The bank signs a blinded form of the coin.  The blinded form is
> unblinded by the withdrawer, and the bank cannot know what it looks
> like.
> 


I just got "Applied Cryptography" so now I know what you mean by "blinded form  
of the coin".

I was thinking that the bank actually constructed the coin, but in fact the  
bank merely signs one of my blinded money orders.  This signed blinded money  
order becomes the "coin" (at least in this scheme).

That being the case, I still not sure how I am protected from a bank that  
cheats by bring the protocol up to the point where I unblind 99 of the money  
orders and the bank deducts the amount from my account but never sends me the  
money.

I have some more reading to do, it seems.

Perhaps I can simply trust the bank not to do this because it wants my future  
business.  Still, if it were possible, I'd prefer not to have to trust the  
bank.  After all, the bank doesn't have to trust me.


Jim_Miller@suite.com