s1113645@tesla.cc.uottawa.ca writes:
I had an idea for an advertising based net-payment scheme that has a particular security flaw making it totally untrustworthy unless it is possible to prove that you are not a particular person (the publisher receiving the ad money) when consuming (viewing or otherwise) the ads.
david writes:
What is this system? I can't think of any system that wouldn't work if rearranged so that instead of proving you aren't Bob, you simply don't prove that you are. It is true that they are not isomorphic, and that could be a problem in some situations, but I don't see this as one of them.
I don't know what particular scheme s1113645 has in mind. But as you point out, not proving P is very different from proving not-P. Generally, a scheme that charges for advertising based upon the measured number of accesses to the advertising has the kind of authentication problem mentioned above. The party paying for the advertising only wants to pay to reach "legitimate" customers. A dishonest publisher (selling ad space) could access the advertising many times herself to artificially inflate the access figures, justifying higher advertising charges. To avoid paying for this "illegitimate" traffic, the advertiser would like to authenticate the accesses as *not* coming from the untrusted publisher. This is a hard problem in general, because the advertiser really wants to discount accesses by the publisher, her agents, her family, her friends, etc. It's tough to prove that you're not working for someone else at a formal protocol level. (Note that widespread "legitimate" anonymous accesses of material can severely damage the reliability of these kinds of measurement-based payment schemes.) I think this thread is rapidly straying from cpunks relevance.... -Futplex <futplex@pseudonym.com>