:From: "James G. Speth" <december@end.end.com>
:In fact, he began this thread by citing someone who was talking about using :an obscured algorithm to prevent digital cash double spending. (ie. If you :can't get to the algorithm, you can't cheat the system.) His comments were :on the dangers of relying on this.
If I may make a small correction here, I suggested a tamperproof software module could be used in an offline system to process transactions in a way which prevented "ANONYMOUS double spending". This is not the same as preventing double spending, although in a system where reputations matter, it has a certain deterrent effect.
:That's the point. Mikolaj was _never_ referring to cryptographic security. :He was pointing out how security through obscuring algorithms can never be :considered reliable.
Obscuring the operation of an algorithm inside a tamperproof module isn't security through obscurity any more than obscuring plaintext by encipherment is security through obscurity. -- Mike Duvos $ PGP 2.3a Public Key available $ mpd@netcom.com $ via Finger. $