From: Bryce <wilcoxb@nag.cs.colorado.edu>
To: tcmay@got.net (Timothy C. May)
Message Hash: aaffb1038aca1615900181cb1c4ab293cc8fa78bac605283e978892585538028
Message ID: <199510191948.NAA24841@nag.cs.colorado.edu>
Reply To: <acabe4df3f021004b9f5@[205.199.118.202]>
UTC Datetime: 1995-10-19 19:49:07 UTC
Raw Date: Thu, 19 Oct 95 12:49:07 PDT
From: Bryce <wilcoxb@nag.cs.colorado.edu>
Date: Thu, 19 Oct 95 12:49:07 PDT
To: tcmay@got.net (Timothy C. May)
Subject: Re: digital cash and identity disclosure
In-Reply-To: <acabe4df3f021004b9f5@[205.199.118.202]>
Message-ID: <199510191948.NAA24841@nag.cs.colorado.edu>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
Someone claiming to be the nym calling itself tcmay@got.net (Timothy C.
May) wrote:
>
> As Hal notes, there are a lot of issues and attacks to consider. I'm sorry
> that my brief section on Chaumian digital cash in the Cyphernomicon doesn't
> adequately cover the issues (and as the debates here show, confusion still
> reigns, and no doubt some of my points are misleading, wrong, or
> incomplete).
Boy, if I were you I would want to fix the inadequacy in C'nomicon in
order to protect my positive rep...
> "Double spending" detection is a REAL MESS. That's my basic conclusion. It
> tends to require schemes for going after double spenders,
You mean Real Life(tm) security a.k.a. force, but this isn't
necessarily so. We could just as well debit the double-spender's
rep and lower the limit on how much e-cash he will be issued.
> it tends to make
> identity-revealing attacks possible (such as the attack I alluded to, and
> that Hal more completely describes),
I hesitate to pipe up in such august company, but one of us is
confused. The attack that we have been discussing is possible because
Chaumian Ecash allows the payer to identify the payee. This would be
true whether or not there were any protocols related to
double-spending. (i.e., because the payer knows the actual ID number
of the bill, she can choose to relate it to the bank and then the bank
can identify who turns in that bill. Has nothing to do with
double-spending. If the protocol provided for re-blinding before
depositing the bill then this would not be possible, I think, and
would still have nothing to do with double-spending.)
> and it's INELEGANT.
I personally think it is beautiful, because it allows for off-line
transactions at a cost of a relatively small risk of double-spending.
Perhaps we could modify the protocol and have the best of both worlds?
I think I'll write a separate post on this subject now...
Regards,
Bryce
Announcement: I'm about to fade out from c'punks list for a while, so
be sure and Cc: me if you want me to see your post.
signatures follow
"To strive, to seek, to find and not to yield."
<a href="http://ugrad-www.cs.colorado.edu/~wilcoxb/Niche.html">
bryce@colorado.edu </a>
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01
iQCVAwUBMIarbfWZSllhfG25AQEYzAQAtjBPJ6iZAepKa4sfzFjciX9oPK/orYcl
GT7WpBPJSmPeuBEUdruNDcp3GEuuBit+xOsAqvaORA3epw12BDlzlBN3gU4nq5dL
GmsDR7CKX64Ouz/+qxoMmGPUe/CH6FHg4msIvitE7A6DNltYJMPOfWrVF3lhwcx7
iguZ8TAbtTU=
=fXcK
-----END PGP SIGNATURE-----
Return to October 1995
Return to “tcmay@got.net (Timothy C. May)”