This is not new. It's been used for years by software companies in copy-protection schemes. Ask anyone who's ever "cracked" software. Copy-protection systems rely on the fact that someone cannot easily find and remove the algorithm which impedes duplication. There are three common ways of preventing this. First, the code is encrypted in layers and modules. Each module decrypts the next layer and rescrambles or erases the last. This prevents the attacker from getting an overall view of the program, as it is never all accessible at once, but it can be viewed in pieces as it executes. Secondly, several layers of interpreted code can be used. Each layer interprets the next. In this way, no assembly language code ever exists in plaintext (except the first level interpreter). Finally, the program checksums itself to prevent tampering. These methods can never provide foolproof protection, but they can slow down attacks considerably. Even the most determined attacks can be delayed for weeks or months. But if they want it bad enough, they can probably reverse-engineer it - as has been said before, crypto is all economics.
I've considered such possibilities for digital cash, but even if the algorithm could not be derived from the cryptographically protected software, it really doesn't solve the double-spending problem. You can just copy the entire module, along with all the money, and spend it twice (on separate victims, of course). And all those layers of encryption can make it unbearably slow.
Ever been on a "private" bbs, or talked to people who (talk to people, who talk to people, etc.) have been on one? You get software released on 4 Jun (for example), on 6 June it's cracked, and by 7 June, it is available on every single continent (barring Antarctica - although I'm not certain about that - supposedly there are equally private internet nodes around somewhere...). While the might of bands like Paranoimia, Skid Row, and Razor 1911 is usually concentrated on games, their expertise applies equally well to "serious" software - it's just that games are more marketable/popular and thus get the crackers' names to more people.
PS - the example above is an overestimate - it often happens that software is cracked and distributed within HOURS of release.
MJH
* Mikolaj J. Habryn dichro@tartarus.uwa.edu.au * "Life begins at '040." * PGP Public key available by finger * "Spaghetti code means job security!"
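The layered-decryption and self-checksum schemes described in this thread, as an added sketch that is not code from any of the posters. The SHA-256 keystream, the module strings and the `observer` callback (standing in for someone watching the program as it executes) are assumptions made for illustration.

```python
import hashlib

def keystream(key, n):
    """SHA-256 in counter mode; a stand-in cipher for the demo, not a vetted one."""
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]

def xor(data, key):
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))

def next_key(body):
    # Each layer's plaintext yields the key for the next, so layers unlock in order.
    return hashlib.sha256(b"next-layer-key" + bytes(body)).digest()

def pack(modules, first_key):
    """Prefix each module with its checksum, then encrypt it under the chained key."""
    keys = [first_key] + [next_key(m) for m in modules[:-1]]
    return [xor(hashlib.sha256(m).digest() + m, k) for m, k in zip(modules, keys)]

def run(blobs, first_key, observer=None):
    """Decrypt one layer at a time, verify it, and erase the layer that just ran."""
    memory = [bytearray(b) for b in blobs]    # what a memory dump would show
    key, prev = first_key, None
    for i, layer in enumerate(memory):
        layer[:] = xor(layer, key)            # decrypt this layer in place
        digest, body = bytes(layer[:32]), bytes(layer[32:])
        if hashlib.sha256(body).digest() != digest:
            raise ValueError(f"layer {i}: checksum mismatch")
        if prev is not None:
            prev[:] = bytes(len(prev))        # erase the previous layer
        if observer:
            observer(i, body)                 # the piece visible while it executes
        key, prev = next_key(body), layer
    return memory

# Constructed sample program, split into three modules.
MODULES = [b"load config;", b"check licence;", b"start program;"]
FIRST_KEY = b"demo-key"
```

After `run` returns, only the last layer is left in plaintext in `memory`, yet an observer called at each step has collected every module, which is the limitation the first message concedes.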