1994-03-27 - Re: Whoa, now… (was Re: Digital Cash)

Header Data

From: mpd@netcom.com (Mike Duvos)
To: cypherpunks@toad.com
Message Hash: b7c1f3212ede2320147c1c92ce46b37b0d243e87f9c929deb1a192b3ecb343ed
Message ID: <199403270126.RAA16574@mail.netcom.com>
Reply To: <199403262043.UAA03969@an-teallach.com>
UTC Datetime: 1994-03-27 00:32:42 UTC
Raw Date: Sat, 26 Mar 94 16:32:42 PST

Raw message

From: mpd@netcom.com (Mike Duvos)
Date: Sat, 26 Mar 94 16:32:42 PST
To: cypherpunks@toad.com
Subject: Re: Whoa, now... (was Re: Digital Cash)
In-Reply-To: <199403262043.UAA03969@an-teallach.com>
Message-ID: <199403270126.RAA16574@mail.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


> :From: "James G. Speth" <december@end.end.com>

> :In fact, he began this thread by citing someone who was talking about using
> :an obscured algorithm to prevent digital cash double spending.  (ie. If you
> :can't get to the algorithm, you can't cheat the system.)  His comments were
> :on the dangers of relying on this.

If I may make a small correction here, I suggested a tamperproof software 
module could be used in an offline system to process transactions in a 
way which prevented "ANONYMOUS double spending".  This is not the same as 
preventing double spending, although in a system where reputations 
matter, it has a certain deterrent effect.

> :That's the point.  Mikolaj was _never_ referring to cryptographic security.
> :He was pointing out how security through obscuring algorithms can never be
> :considered reliable.

Obscuring the operation of an algorithm inside a tamperproof module isn't
security through obscurity any more than obscuring plaintext by
encipherment is security through obscurity.  

-- 
     Mike Duvos         $    PGP 2.3a Public Key available    $
     mpd@netcom.com     $    via Finger.                      $





Thread