On Fri, Dec 29, 2000 at 06:17:07AM -0500, dmolnar wrote:
"Distribution Chain Security" M. Franklin and G. Durfee ACM CCS 2000 http://citeseer.nj.nec.com/332962.html
It's actually a not-bad example of how a "standard" crypto component is taken and then tweaked for use in a particular protocol. The standard component is a homomorphic commitment scheme designed by Cramer and Damg*rd and published in 1998. This paper shows how to use it to prove a series of contracts satisfies certain relations w/o revealing the contracts - and then adds a method to make the particular relations they care about more efficient.
I realize that the original citation was meant as an example of the difficulty of reaching crypto standards, but this "smart contracts" crap is really sticking in my throat this week. It's really unfortunate that the crypto community seems determined to take words which have relatively specific and nuanced legal definitions and overload them with cartoonish definitions - the math tricks described therein are interesting, but bear no relationship to contracts as lawyers and courts understand that term. The behavior described is closer to licensing, but is unlikely to create an actual license without careful attention. The citations to support the authors' claims that "Systems to enforce digital contracts are already in place or will be available soon" are to three websites for CPRM-ish schemes - Xerox' "ContentGuard" at <http://www.contentguard.com>, Intertrust at <http://www.intertrust.com>, and SDMI, brainchild of the RIAA, at <http://www.sdmi.org>, and a print citation to an article by Mark Stefik (the person behind the Xerox and Intertrust copy protection schemes) entitled "The Bit and the Pendulum: Balancing the Interests of Stakeholders in Digital Publishing". (I'm not kidding. Those URL's - without links to specific documents - are the references which support the authors' claims about the feasibility of enforceable digital contracts.) One can guess exactly how "balanced" the outcome is likely to be where one stakeholder gets to design and implement (without reverse engineering, thanks to the DMCA) the technical apparatus which will be used to "enforce" the "contracts" between the parties. Stefik's reference to Poe's torture apparatus is perhaps more apropos than he intended. -- Greg Broiles gbroiles@netbox.com PO Box 897 Oakland CA 94604