On Friday, April 25, 2003, at 11:20 AM, Patrick Chkoreff wrote:
Sincere thanks to everyone for the living hell I went through yesterday.
I do understand the rationale for blinding now. The math was never the problem. I was mistakenly thinking that because my sacred code did not in fact record any IP-based transmission logs, users were safe as far as anonymity and privacy were concerned. What I missed was that if someone put a gun to my head and said "Put in some code to keep transmission logs and don't tell anybody or I'll kill your family," I would in fact obey and the security of the system would be compromised without anyone knowing. As RAH says, force monopolies are a bitch.
More importantly, if there is any way for you to track digital money, then whether you _claim_ to be "not recording" or not is irrelevant. Without blinding (or similar), a system is just another "trust me" system. And "trust me" systems are not interesting.

Not meaning to sound too harsh, but you need to think deeply about what cryptography is all about and why "trust me, I promise not to look" systems are not desirable or interesting.

(The cipher equivalent of your "because my sacred code did not in fact record any IP-based transmission logs" is just the usual central key server example: "Digital Datawhack generates keys for its customers but does not in fact record them." Yeah, right.)

--Tim May

"A democracy cannot exist as a permanent form of government. It can only exist until the voters discover that they can vote themselves money from the Public Treasury. From that moment on, the majority always votes for the candidate promising the most benefits from the Public Treasury with the result that a democracy always collapses over loose fiscal policy always followed by dictatorship." --Alexander Fraser Tyler
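
The difference between "I promise not to log" and blinding can be shown with a toy Chaum-style RSA blind signature in which the mint logs everything it sees and still cannot link a spent coin to a withdrawal. This is an added example, not code from either poster; the thread does not say which blinding scheme is meant, and the key, class and function names below are constructed for illustration (textbook RSA without padding, demo-sized primes).

```python
import hashlib
import secrets
from math import gcd

# Constructed demo key from two Mersenne primes (far too small for real use).
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))

def h(serial: bytes) -> int:
    """Map a coin serial number into Z_N."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N

class Mint:
    """Signer that records every input and output, as a coerced operator would."""
    def __init__(self):
        self.log = []
    def sign(self, value: int) -> int:
        sig = pow(value, D, N)
        self.log.append((value, sig))
        return sig

def withdraw(mint: Mint, serial: bytes) -> int:
    """User side: blind the coin, have it signed, then unblind the signature."""
    m = h(serial)
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            break
    blinded = m * pow(r, E, N) % N          # mint only ever sees this value
    return mint.sign(blinded) * pow(r, -1, N) % N

def verify(serial: bytes, sig: int) -> bool:
    return pow(sig, E, N) == h(serial)

def explaining_r(blinded: int, coin_value: int) -> int:
    """Mint side: the blinding factor under which coin_value yields `blinded`.
    One exists for every coin, so the log entry fits all coins equally well."""
    return pow(blinded * pow(coin_value, -1, N) % N, D, N)

def demo():
    mint = Mint()
    serial = secrets.token_bytes(16)
    sig = withdraw(mint, serial)
    # The coin verifies, yet neither its value nor its signature is in the log.
    linked = any(v == h(serial) or s == sig for v, s in mint.log)
    return verify(serial, sig), linked
```

`explaining_r` is why the log is useless for tracing: for any logged value and any coin later deposited, the mint can compute a blinding factor that makes the two consistent, so no withdrawal is more likely than another.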