From: shamrock@netcom.com (Lucky Green)
Date: Mon, 6 May 1996 02:03:56 +0800
To: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Subject: Re:  Kid Gloves or Megaphones
Message-ID: <v02120d00adb1d07be5a7@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 19:58 5/4/96, E. ALLEN SMITH wrote:
>From:   IN%"shamrock@netcom.com" 21-MAR-1996 21:29:06.87
>
>>It is true that the issuer is unable to discover that double blinding is
>>being used. The real problem with the protocol is that it requires
>>payor/payee collusion, which may make it difficult to execute.
>
>        Can the payee discover that the payor isn't colluding before the bank
>can figure out who the payee is?

Yes, since the payee determines the serial numbers of the coins during
intitiation of the protocol. It is the payee that also assembles the final
coins. If the serial numbers are a match and the signature of the bank
verifies, then the protocol has been completed.


Disclaimer: My opinions are my own, not those of my employer.

-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.