1995-11-30 - Re: ecash lottery (Was: ecash casino)

Header Data

From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
To: tcmay@got.net (Timothy C. May)
Message Hash: ef1f8f18915a6a4dc51d514cd53914c1368c58f9d9b63906598ecb03d301e19e
Message ID: <199511301122.WAA23954@sweeney.cs.monash.edu.au>
Reply To: <ace2b2de0c021004c90a@[205.199.118.202]>
UTC Datetime: 1995-11-30 11:37:34 UTC
Raw Date: Thu, 30 Nov 1995 19:37:34 +0800

Raw message

From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Thu, 30 Nov 1995 19:37:34 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: ecash lottery (Was: ecash casino)
In-Reply-To: <ace2b2de0c021004c90a@[205.199.118.202]>
Message-ID: <199511301122.WAA23954@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Hello cypherpunks@toad.com
  and tcmay@got.net (Timothy C. May)

tcmay wrote:
> At 6:22 AM 11/30/95, Bill Frantz wrote:
> >At 20:38 11/29/95 -0800, Timothy C. May wrote:
> >>Have to be _very_ careful here. A variety of scams can be developed which
> >>show lots of "small" winners, but which fail to show any large winners. The
...
> My intuition (hand-waving) is that an anonymous lottery is possible, but I
> haven't looked at the details. Certainly multiple trusted holders of keys
...

I've read somewhere that it's possible to play poker over the telephone;
see comp.risks 17.19 and 17.21 (particularly the latter, though I haven't
followed the references so I can't speak of them).

...
> (escrow agents) would help make the lottery fair. Maybe bit commitment
> would help (each player buys the right to play, then "commits" his number.
...

How about every person commits a random number, then all reveal.
The winner is determined deterministically from all the numbers.

Does this make sense or is there some basic hole in it?

(
I have a tendency to be too brief to be comprehensible, so let me
rephrase it somewhat longer:

1. game is announced, players registered and numbered [1]..[n]
2. each player [i] chooses a random number [a_i] (secretly)
3. each player [i] publicly commits to [a_i]
4. wait for all players to commit
5. each player [i] publishes [a_i]
6. the winner is player [f(a_1,a_2,...,a_n)]

The function f doesn't need to be one way, but the output must depend on
all the inputs. (Sum modulo n sounds OK but I haven't thought it out.)
)

The fun bit in this game would be picking your number - of course
that reduces security, but I suspect that many people would prefer
to type in their lucky numbers themselves than having a computer
pick it for them... Or you could get the entropy from the mouse:
"it's all in the wrist".

You could probably almost code that in a shell script...


Obvious weakness is that the last player to do step 5 above knows
who the winner is before anyone else, and could presumably disappear.
The way to avoid this is a rule that when a player disappears the
money goes to charity. (A malicious last player could still prevent
you from winning, but at least without payoff. You could give it
negative payoff if you wanted.) If you wish to discuss this point,
Cc me at jiri@c031.aone.net.au - that's where my spreadsheet is.


Have I just made a complete fool of myself?

Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBML2T0yxV6mvvBgf5AQEtGQP/VKUGrArDxG98iIiAtQ0zuErSjCsMJN+P
HJ8MROmbgPa5kstzLMRk6wjPSkxSuUtiLLVbTTV6Aghfi2Kh7mRa6D38j43hyImU
Z0V6V7gtCis/QzZ7KSTt5KKkDev672bbL17XYVWhMfvLABUG7L7kCbbKDGjUgUrL
yl4H+8Pxt1c=
=2nuk
-----END PGP SIGNATURE-----





Thread