From: Jim McCoy <mccoy@communities.com>
To: cypherpunks@toad.com
Message Hash: 011cc20337f1b52d1459a983b14129d20b5447ee29b2d252d1b135fe8549e182
Message ID: <v03007804aeb2a16c7fc4@[205.162.51.35]>
Reply To: <v02140b02aeb235099c35@[192.0.2.1]>
UTC Datetime: 1996-11-15 23:03:06 UTC
Raw Date: Fri, 15 Nov 1996 15:03:06 -0800 (PST)
From: Jim McCoy <mccoy@communities.com>
Date: Fri, 15 Nov 1996 15:03:06 -0800 (PST)
To: cypherpunks@toad.com
Subject: Re: Members of Parliament Problem
In-Reply-To: <v02140b02aeb235099c35@[192.0.2.1]>
Message-ID: <v03007804aeb2a16c7fc4@[205.162.51.35]>
MIME-Version: 1.0
Content-Type: text/plain
Lucky writes:
>
>> At 9:32 AM 11/15/1996, Adam Shostack wrote:
>> I've been toying with schemes that multiply the Ns from everybody's
>> public key to create a new semi-anonymous public key. The only
>> problem is that in each case either identity is revealed or the
>> person seeking semi-anonymously reveals their secret key. So,
>> I am not quite there. ;-)
>
>I think that Chaum wrote some papers on group signatures. I'll try to dig
>them out. But it probably won't be before Sunday.
There are several types of "group signature" schemes out there. The one
which Chaum wrote about was signatures which require a group to perform
verification of the signature in relation to his undeniable signature
system (Lidong Chen advanced this a bit further to make the scheme more
general.) There are also systems in which group or subset of a group is
necessary to sign the message, the original work was by Yves Desmet in his
paper "Social Cryptography" in Crypto 88 or 89 I think. There have been
various advancements on these systems, with different threshold schemes
applied, the ability to have "super-votes" among the shares or veto schemes,
mechanisms using distributed computation to securely perform the signing
or encryption, as well other bells and whistles. At one point I was thinking
about such systems in the context of the DNSSEC work as a means for creating
a pseudonymous top-level domain with the same mechanisms for adjudication and
dispute resolution as the current system through group signatures but had to
set it aside to work on something a bit more practical. If anyone is really
interested I could probably put together a fairly comprehensive listing of
the literature in this particular area...
jim
Return to November 1996
Return to “ph@netcom.com (Peter Hendrickson)”