1995-11-21 - Re: Proving I’m not Bob.

Header Data

From: futplex@pseudonym.com (Futplex)
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Message Hash: ac2377d90d6d0f4eac1561540529b48ba9dc41bebdea5356fac0754ce776b973
Message ID: <199511212210.RAA11334@thor.cs.umass.edu>
Reply To: <Pine.NXT.3.91.951121142858.1144A-100000@litoria>
UTC Datetime: 1995-11-21 22:53:16 UTC
Raw Date: Wed, 22 Nov 1995 06:53:16 +0800

Raw message

From: futplex@pseudonym.com (Futplex)
Date: Wed, 22 Nov 1995 06:53:16 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Proving I'm not Bob.
In-Reply-To: <Pine.NXT.3.91.951121142858.1144A-100000@litoria>
Message-ID: <199511212210.RAA11334@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


s1113645@tesla.cc.uottawa.ca writes:
> I had an idea for an advertising based net-payment scheme that has 
> a particular security flaw making it totally untrustworthy unless it is
> possible to prove that you are not a particular person (the publisher 
> receiving the ad money) when consuming (viewing or otherwise) the ads.

david writes:
> What is this system?  I can't think of any system that wouldn't work if 
> rearranged so that instead of proving you aren't Bob, you simply don't 
> prove that you are.  It is true that they are not isomorphic, and that 
> could be a problem in some situations, but I don't see this as one of them.

I don't know what particular scheme s1113645 has in mind. But as you point
out, not proving P is very different from proving not-P. Generally, a scheme
that charges for advertising based upon the measured number of accesses to
the advertising has the kind of authentication problem mentioned above. The
party paying for the advertising only wants to pay to reach "legitimate" 
customers. A dishonest publisher (selling ad space) could access the
advertising many times herself to artificially inflate the access figures,
justifying higher advertising charges. 

To avoid paying for this "illegitimate" traffic, the advertiser would like to
authenticate the accesses as *not* coming from the untrusted publisher. This
is a hard problem in general, because the advertiser really wants to discount 
accesses by the publisher, her agents, her family, her friends, etc. It's
tough to prove that you're not working for someone else at a formal protocol
level.

(Note that widespread "legitimate" anonymous accesses of material can
severely damage the reliability of these kinds of measurement-based payment
schemes.)

I think this thread is rapidly straying from cpunks relevance....

-Futplex <futplex@pseudonym.com>





Thread