From: Mike Ingle <MIKEINGLE@delphi.com>
To: cypherpunks@toad.com
Message Hash: a133332e8b80106bfd04f862682bba4fe751212364ef437e70f534cce3860c6b
Message ID: <01H51I6RG58296WT1B@delphi.com>
Reply To: N/A
UTC Datetime: 1993-11-07 22:08:15 UTC
Raw Date: Sun, 7 Nov 93 14:08:15 PST
From: Mike Ingle <MIKEINGLE@delphi.com>
Date: Sun, 7 Nov 93 14:08:15 PST
To: cypherpunks@toad.com
Subject: Mostly offline digicash
Message-ID: <01H51I6RG58296WT1B@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain
>>After-the-fact detection probably won't fly, because organized multiple
>>spending could kill it. There are people who are dumb enough to write
>>their PIN numbers on their ATM cards.
>Nevertheless, millions use ATM cards, with substantially less loss to
>fraud than with credit cards. Improvement in privacy and reduction
>of incidence of fraud over credit cards are sufficient goals for a
>digital cash system.
True, but if someone swipes your ATM card and PIN, they can only get
what's in your account, and only $300 or $500 a day. If someone swipes
your digi-coins, they can spend them hundreds of times, obtaining
merchandise worth much more than the coins, before being detected.
That's the hazard I'm worried about. A few such heists could make
people back away from digicash.
The problem with credit cards (and cellular phones) is the "replay
attack." Some kind of authentication is needed. As I understand it,
ATM's use DES with the PIN being used as part of the DES key, correct?
>For Pretty Good Digicash, which would probably far exceed those
>goals, how about a "mostly offline" system as follows:
I like this approach. It does require the "online infrastructure" to
be present at every shop, but it would generate less bandwidth than
fully online systems. Offline processing could be done at night when
the system is otherwise idle. The Russian-roulette aspect of trying to
cheat would certainly discourage it.
>I envision a decentralized credit-rating system, so that the
>integrity of ratings cannot be jeopardized by corrupting one or a
>related few credit rating agencies with false information. (The IP
>paradigm: an economy should be able to route around node failures).
Definitely. The goal of digicash, at least in my opinion, is to
destroy centralized power. An online system should have multiple
servers, and an observer-based system should have multiple suppliers
of observers. The only secret in the observer should be the key.
--- MikeIngle@delphi.com
Return to November 1993
Return to “szabo@netcom.com (Nick Szabo)”