----- Original Message ----- From: "AARG!Anonymous" <remailer@aarg.net> To: <adam@cypherspace.org>; <cypherpunks@lne.com>; <cryptography@wasabisystems.com> Sent: Monday, August 05, 2002 7:25 PM Subject: Re: dangers of TCPA/palladium
Adam Back writes:
To address privacy with for example Brands digital credentials, the underlying cryptography may be harder to understand, or at least less familiar, but I don't think using a toolkit based on Brands digital credentials would be significantly harder than using an identity or attribute based PKI toolkit. Similar for Chaum's credentials or other approach.
Sure, but how many pages would it take in the spec to describe the protocol? Especially given their turgid technical-writer prose? Brands took a whole book to describe his credentials thoroughly.
Not many pages at all. See the description of practical protocols for private credentials here http://crypto.cs.mcgill.ca/~stiglic/Papers/brands.pdf The paper is not longer than Ben Laurie's write up of Lucre, and in my point of view just as readable. Of course it doesn't give details on the formatting of messages and other stuff (you won't find that in most descriptions of blind signatures protocols or Lucre either), but these can easily be added. There is enough information for developer who has basic knowledge in crypto to understand what an implementation of the scheme would look like, and also to validate an existing implementation of the particular protocols described. Brands' book is long and very technical because he describes in it many variations of his protocols and provides detailed proofs of security for each protocol. For a more simple reading that provides intuition and motivation for the technology read Stefan Brands' paper "A Technical Overview of Digital Credentials", http://www.xs4all.nl/~brands/overview.pdf --Anton --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com