Y'know, just defining "what we should want" is one of the biggest challenges in moving towards the next generation of crypto. How about making a list of features we want, and/or a list of scenarios we want to be able to handle? Uncontroversial features: message privacy message anonymity message untraceability digital cash digital time stamps More difficult/controversial features: message invisibility [e.g. in low bits of video signal] untraceable access to databases [just anonymous email?] electronic black markets [just electronic cash and anonymous email?] electronic voting m-of-n trust schemes time-delay messages [are they useful?] executable but non-disassemblable code [is it possible?] tagging / un-tagging of copyrighted text [what is possible?] [explanation to follow in another message ] I know how to take a crack at implementing all of these except the last two, but would benefit from better theoretical and practical work on all of them. Most of them are obviously useful, and scenarios come easily to mind. Have I missed anything? -- Marc Ringuette (mnr@cs.cmu.edu)