From: “James A. Donald” <jamesd@echeque.com>
To: cypherpunks@toad.com
Message Hash: e04d0e336c064de294bb3da317d9b741ae960193fb99b827fa9452899533c79f
Message ID: <199601281534.HAA24247@mailx.best.com>
Reply To: N/A
UTC Datetime: 1996-01-28 15:51:31 UTC
Raw Date: Sun, 28 Jan 1996 23:51:31 +0800
From: "James A. Donald" <jamesd@echeque.com>
Date: Sun, 28 Jan 1996 23:51:31 +0800
To: cypherpunks@toad.com
Subject: Re: Hash trees and bank solvency.
Message-ID: <199601281534.HAA24247@mailx.best.com>
MIME-Version: 1.0
Content-Type: text/plain
>"James A. Donald" <jamesd@echeque.com> writes:
>
> > One solution to this problem is government auditors.
> > Government inspectors, unlike private auditors, can force
> > their way in, in the early hours of the morning, and as each
> > bank employee turns up, take him to a separate cubicle and
> > interogate him with a gun in one hand and an account book in
> > the other. This makes it difficult for the financial
> > institution to fabricate a misleading picture of its
> > financial situation.
At 10:43 PM 1/27/96 -0800, Mike Duvos wrote:
>This would be killing a mosquito with a flyswatter. Besides, the
>employees of a financial institution may be in no position to
>accurately state its financial situation, even if they are in
>little cubicles with guns to their heads.
I refer to actual practice, not to theory: (Though the guns
are only metaphorically held to peoples heads, the examiners
forcing their way in at dawn and ambushing the senior employees as
they arrive are entirely literal.)
The objective is to take them by surprise and interrogate them
separately, to avoid them "hiding" some customers and some
liabilities.
If the element of surprise is lost, the examiners are likely to
be confronted with truckloads of plausible, consistent, and
entirely bogus documentation, as happens regularly.
> A somewhat more civilized method is used by my broker, [...]
Of course a broker's opportunity to pull this kind of fraud is less
than a banks, because his customers will generally hold diverse
stocks. Suppose the broker has embezzled some IBM stocks.
Then he will have to leave out some customers that own IBM stocks
from his record keeping. But this will frequently result in
inconvenient excesses of other stocks and unexplained transactions
in other stocks, thus the needed book shuffling is more elaborate
and inconvenient than that of a bank.
> I would trust the typical customer to mail back a form to an
> outside auditor far more than I would trust him to examine a hash
> tree, check his own entry, check the neighborhood of his own
> entry for cryptographic integrity, and sound an alarm.
But it only requires one customer to discover the failure in
in a cryptographic tree, whereas to discover the failure in
the method of book keeping you describe, we have to be sure
we have covered all customers, and we have to be sure that
they receive the same information that the auditor does, and how
can one ensure that, except by the dawn raid method?
> To be perfectly candid, I would not even want the task of
> explaining to the typical banking customer what a hash tree was.
That is what software is for: The task would of course have
to be done by financial software, not done by hand.
> The outside auditor can of course be spoofed by giving him access
> only to some subset of customer accounts. The hash tree can be
> spoofed by not telling a subset of customers of its existance.
Set up the protocols so that software that verifies the hash tree
generates certificates that are proof that you are eligible to
receive the money, and software that does not, cannot generate
provably valid certificates.
Then if the institution comitts the fraud you describe, the ill
informed customers who use the rigged software get stiffed, as
they cannot easily prove that they were owed, and the better
informed customers do not get stiffed.
Notice that the above system requires that the banking software
be supplied independently and separately from the bank.
Customer expertise will improve dramatically after the first fraud,
much as computer security improves dramatically after the first
breach.
---------------------------------------------------------------------
|
We have the right to defend ourselves | http://www.jim.com/jamesd/
and our property, because of the kind |
of animals that we are. True law | James A. Donald
derives from this right, not from the |
arbitrary power of the state. | jamesd@echeque.com
Return to January 1996
Return to ““James A. Donald” <jamesd@echeque.com>”
1996-01-28 (Sun, 28 Jan 1996 23:51:31 +0800) - Re: Hash trees and bank solvency. - “James A. Donald” <jamesd@echeque.com>