1996-10-13 - Blinded Identities [was Re: exporting signatures only/CAPI]
Header Data
From: “Michael Froomkin - U.Miami School of Law” <froomkin@law.miami.edu>
To: Steve Schear <azur@netcom.com>
Message Hash: 49f1f234df8cabb4ca4e1ce227d0cb409661b7bedaa4073485682d7aa8d0f651
Message ID: <Pine.SUN.3.95.961013162235.21791C-100000@viper.law.miami.edu>
Reply To: <v02130503ae865897f409@[10.0.2.15]>
UTC Datetime: 1996-10-13 20:26:14 UTC
Raw Date: Sun, 13 Oct 1996 13:26:14 -0700 (PDT)
Raw message
From: "Michael Froomkin - U.Miami School of Law" <froomkin@law.miami.edu>
Date: Sun, 13 Oct 1996 13:26:14 -0700 (PDT)
To: Steve Schear <azur@netcom.com>
Subject: Blinded Identities [was Re: exporting signatures only/CAPI]
In-Reply-To: <v02130503ae865897f409@[10.0.2.15]>
Message-ID: <Pine.SUN.3.95.961013162235.21791C-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain
[cc'd to coderpunks]
On Sun, 13 Oct 1996, Steve Schear wrote:
> >Steve Shear <azur@netcom.com> writes:
[much cut]
>
> I've been charged with developing an Internet service which needs to assure
> its clients of anonymity. However, we fear some clients may abuse the
> service and we wish to prevent the abusers from re-enrollment if
> terminated for misbehavior. (In your example, it would be the person(s)
> trying to discover the service host via flood).
>
> My thought was to base enrollment on some sort of 'blinding' of their
> certified signature (e.g., from Verisign) which produces a unique result
> for each signature but prevents the service from reconstructing the
> signature itself (and thereby reveal the client's identity). I'm calling
> this negative authentication.
>
> Have you come across anyone who has considered this problem or
> another one which is mathematically very similar?
Stefan Brands has a protocol that probably does what you want. And also
would form the basis for anonymous internet "postage stamps"...
It is unpublished, but he kindly allowed to me describe it in a paper I
wrote that discussed whether a bank would ever want to take the risk of
allowing bank accounts where it did not know the identity of the customer.
The protocol is described at
http://www.law.miami.edu/~froomkin/articles/oceanno.htm#ENDNOTE286
[A frames version of the same paper is at
http://www.law.miami.edu/~froomkin/articles/ocean.htm
but it's harder to jump straight to the footnote you want in that version]
**Benjamin Bradley Froomkin, b. Sept. 13, 1996, 8 lbs 14.5oz 21.5"**
**Age two weeks: 9 lbs 12 oz, 23"**
A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law |
U. Miami School of Law | froomkin@law.miami.edu
P.O. Box 248087 | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.
Thread
Return to October 1996
- Return to “Adam Back <aba@dcs.ex.ac.uk>”
- Return to “Adam Shostack <adam@homeport.org>”
- Return to “azur@netcom.com (Steve Schear)”
- Return to “Carl Ellison <cme@ACM.ORG>”
Return to ““Michael Froomkin - U.Miami School of Law” <froomkin@law.miami.edu>”
- 1996-10-13 (Sun, 13 Oct 1996 08:28:11 -0700 (PDT)) - Re: exporting signatures only/CAPI (was Re: Why not PGP?) - azur@netcom.com (Steve Schear)
- 1996-10-13 (Sun, 13 Oct 1996 09:53:52 -0700 (PDT)) - Re: exporting signatures only/CAPI (was Re: Why not PGP?) - Adam Shostack <adam@homeport.org>
- 1996-10-13 (Sun, 13 Oct 1996 13:26:14 -0700 (PDT)) - Blinded Identities [was Re: exporting signatures only/CAPI] - “Michael Froomkin - U.Miami School of Law” <froomkin@law.miami.edu>
- 1996-10-15 (Tue, 15 Oct 1996 10:30:23 -0700 (PDT)) - Re: exporting signatures only/CAPI (was Re: Why not PGP?) - Adam Back <aba@dcs.ex.ac.uk>
- 1996-10-17 (Thu, 17 Oct 1996 10:06:07 -0700 (PDT)) - Anonymous Auth Certificates [was: Re: Blinded Identities] - Carl Ellison <cme@ACM.ORG>