1994-08-27 - Re: Cash, cheaters, and anonymity

Header Data

From: Hal <hfinney@shell.portal.com>
To: cypherpunks@toad.com
Message Hash: 09b32d5e6ffd0a61d4bbf9c9a0481c0683a2a9d81f4b7f51ab7615053addae0f
Message ID: <199408271707.KAA26833@jobe.shell.portal.com>
Reply To: <199408260641.XAA11326@netcom15.netcom.com>
UTC Datetime: 1994-08-27 17:07:16 UTC
Raw Date: Sat, 27 Aug 94 10:07:16 PDT

Raw message

From: Hal <hfinney@shell.portal.com>
Date: Sat, 27 Aug 94 10:07:16 PDT
To: cypherpunks@toad.com
Subject: Re: Cash, cheaters, and anonymity
In-Reply-To: <199408260641.XAA11326@netcom15.netcom.com>
Message-ID: <199408271707.KAA26833@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


Tim has made a lot of good points, and I'll only try to respond to a few:

>NEGOTIATED PROTOCOLS TO REDUCE RISKS

>However, just as most folks make arrangements with their bank/ATM machines
>(semantic meaning #2 of "ATM") to limit cash withdrawals to, say, $200 a
>day (it varies), so too can digital cash arrangements make similar
>contractual deals to limit losses. Some possible plans:

>* Plan A: The protocol insists on retinal scan or other biometric
>authentication between the "smartcard" used as the cryptographic keying
>device and the putative owner. The "Thunderball" plan. (issues: preserving
>anonymity with biometric authentication, spoofing of the channel between
>card and physical apparatus, theft of smartcard, etc.)

In Demolition Man, Wesley Snipes plucks the eyeball out of the victim to
hold it up to the retinal scanner and escape.  Hacked-off thumbs may provide
similar workarounds for fingerprint protection.  Maybe what we want is
a system where some pass code is an alternative to physical ID.  Giving up
a secret pass phrase is a superior alternative to giving up your life, and
worth it for a few hundred dollars.  (I'll point out that this doesn't work
if duress codes are widely used which give away the bad guys.)

>[...]
>(Coins and cash bills are really "on-line clearing" though, in that their
>existential properties make them acceptable immediately; they are not
>replicable, at least not easily, and hence can be conserved in transations.
>All the usual stuff about the nature of cash money.)

I think this is where the tamper-proof wallet idea comes from; it is the 
closest anyone has come to providing truly conserved digital cash.  With
such a system you can get the benefits of on-line clearing even in the off-
line environment, just as people will accept cash today without taking it
to the bank first.

>Which will be used? (and there are many variants...) As usual, markets will
>allow choice. Many people will choose to limit exposure with Plan B-type
>transactions. Others will contract with insurance agents who cover risks by
>insisting on their own protocols for added security. (I don't mean
>conventional insurance agents, naturally.)

I think this is the key point.  All of our speculation about the relative
advantages of the various forms of cash is largely irrelevant, as long as some
form of privacy-protecting payments comes into existance.  Then the details
of the implementations will determine the relative costs and the market
advantages of each approach.  The hard part will be getting that first cash
system in place.

Oops, I've got to go.  I'll just make a quick couple of points.

>[...]
>([...]  My use of the term "claim"
>here is of the "You present the right number, you get access" kind. Like
>the combination to a safe. The train locker idea makes this clearer, and
>gets around the confusion about "digimarks" of "e$" actually _being_ any
>kind of money it and of itself.)

Dollar bills got their start this way.  At one time they were just "claims"
on the real dollars in the bank vaults.  Yet most people find it more con-
venient to think of them as money, even back when you could still turn them
in for gold.  I think it's useful to think of ecash as being money as well,
although granted it is money with its own characteristics different in some
ways from banknotes, checks, or coins.

>Off-line systems may be useful for paying for movies, toll roads, etc., but
>there the protocols can be set up to limit exposure to fraud. (Ontological
>constraints, such as number of movie theater attendees, etc., will limit
>the losses. Scams will likely still exist, but the problem seems manageable
>with some work.)

One thing I think is clear is that off-line cash will not be issued to
anonymous recipients.  Imagine a magic quarter which would reappear in
your pocket after you put it into the coke machine.  How many people would
be willing to resist using it?  That's what you'll have with an off-line
coin issued to a pseudonym.

>And as networks get much faster, expect even off-line cash to fade. Depends
>on costs, insurance rates, benefits, and of course on regulations.

This is probably right, although ironically the infrastructure for off-line
cash might be simpler.  On-line cash needs 24-hour availability, quick
(nearly instantaneous) response, a fully automated cash validation system.
We have this now, with the Visa cards, but it didn't appear overnight.  And
I doubt that the Internet is a suitable communications medium for it (due
to reasons of availability, reliability, and security).  Off-line cash could
be handled with longer turnaraounds in a machine which is not on the net,
using manual intervention so pass words and such are not stored on-line.
Of course the disadvantage is that the off-line cash requires identity
authorization during issuing.

Tim's ideas about escrow agents and a credential-less society are very
interesting as well and I'll try to make some comments on them later.

Hal





Thread