From: Nathan Loofbourrow <loofbour@cis.ohio-state.edu>
Date: Tue, 17 Oct 95 06:54:28 PDT
To: cypherpunks@toad.com
Subject: Re: mental cryptography
In-Reply-To: <199510141243.IAA27588@hammond.cis.ohio-state.edu>
Message-ID: <199510171354.JAA13063@colon.cis.ohio-state.edu>
MIME-Version: 1.0
Content-Type: text/plain


Scott Brickner writes:
 > Nathan Loofbourrow writes:
 > >It may be that the approach is off anyway. Credit cards have only
 > >signature verification -- if the salesperson bothers -- because stolen
 > >cards are reported. You don't need a strong authentication technique
 > >if a stolen card is easy to cancel.
 > 
 > The card's easy to cancel, but the cash ain't.  Credit cards are
 > cleared with the issuer.  Digital cash with smart cards acting as
 > transaction observers don't need this.  The thief need only transfer
 > the cash from the stolen card to his own, just like he does with
 > regular cash.

Er, um, right.

Well, then, perhaps on-line systems need to consider cash
revocation in case of theft. Actually, this is a no-brainer: just
exchange the cash for some new coin, and the old stuff goes
invalid. Admittedly, this means a footrace for the mugger and the
victim, so I guess the mugger is encouraged to knock you out cold.

Maybe you just shouldn't carry too much cash with you. Gee, that
sounds like good advice even without digital protocols.

 > >Even with a weak PIN system for authentication, you can always provide
 > >a "duress" PIN, right?
 > 
 > Sounds like a better choice.

Duress PINs liberally sprinkled through the keyspace also drop the
efficacy of brute-force PIN search for the thief.

nathan