Proving I'm not Bob.
I had an idea for an advertising based net-payment scheme that has a particular security flaw making it totally untrustworthy unless it is possible to prove that you are not a particular person (the publisher receiving the ad money) when consuming (viewing or otherwise) the ads. All its other flaws seem to be based on the same sort of identity denial problem. Damn! Any protocols, cryptographic or otherwise? TIA
s1113645@tesla.cc.uottawa.ca writes:
I had an idea for an advertising based net-payment scheme that has a particular security flaw making it totally untrustworthy unless it is possible to prove that you are not a particular person (the publisher receiving the ad money) when consuming (viewing or otherwise) the ads.
BTW, we had some interesting postings here last year from Jason Solinsky (solman@mit.edu) about schemes involving advertising and payment, where people would get paid to view advertisements. Is this the kind of thing you're thinking of?

I posted some ideas once on how to prove that you are not someone else. Any such scheme has to be grounded in a physical mechanism to determine that two people are different. For example, you might be able to get some special cryptographic signature or credential from an agency by showing some biometric information, such as retina or thumb prints. You wouldn't necessarily have to reveal your name, identity, or any other information; just something which would allow the agency to be sure that they had not given such a credential out to you before.

If you didn't care about privacy, your problem could then be solved simply by having each person exhibit his credential (these are often called "is-a-person" credentials). The more interesting question then becomes exhibiting that credential in a privacy protecting way, but still being able to tell if two people are showing the same or different credentials.

There are various ways of doing this; one of the simplest would be for the agency to give you a blind signature using a particular exponent, where you would be allowed exactly one of each exponent. You unblind these, and to show you aren't Bob both you and Bob show your signatures for some matching exponent, which will be different. Because of the blinding, no one will link the credential to your identifying information, and because it is a signature from the agency, no one can forge a credential different from the one they have.

Depending on the situation and your tradeoffs between convenience and privacy, you might discard used credentials (for maximum privacy), or you might reuse them in a particular forum where you have persistent identity (for maximum convenience). In the latter case, the exponent used could be associated with the forum, which is the idea behind Chaum's pseudonym system.

Hal Finney
hfinney@shell.portal.com
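Added example, not part of Hal's post or any code from the thread: a toy Python sketch of the one-credential-per-exponent blind signature idea described above, using RSA blinding with a shared modulus. The key size, the forum names, the exponents 11 and 13, the SHA-256 hashing of the token and the person_id string standing in for the biometric check are all assumptions made for illustration.

```python
import hashlib
import secrets
from math import gcd

# Toy agency key, constructed for this example; far too small for real use.
P, Q = 2**127 - 1, 2**89 - 1          # two known Mersenne primes
N, PHI = P * Q, (P - 1) * (Q - 1)
# One public exponent per forum (assumed values, both coprime to PHI).
EXPONENTS = {"forum-a": 11, "forum-b": 13}

def h(token: bytes) -> int:
    """Hash the token into Z_N so products of signatures are not valid signatures."""
    return int.from_bytes(hashlib.sha256(token).digest(), "big") % N

class Agency:
    def __init__(self):
        self.issued = set()           # (person_id, exponent) pairs already served

    def sign_blinded(self, person_id: str, e: int, blinded: int) -> int:
        # person_id stands in for the biometric check described in the post.
        if (person_id, e) in self.issued:
            raise PermissionError("one credential per person per exponent")
        self.issued.add((person_id, e))
        return pow(blinded, pow(e, -1, PHI), N)   # sign with d = e^-1 mod phi

def obtain_credential(agency: Agency, person_id: str, e: int):
    token = secrets.token_bytes(16)   # chosen by the user, never seen by the agency
    while True:
        r = secrets.randbelow(N - 2) + 2          # blinding factor
        if gcd(r, N) == 1:
            break
    blinded = (h(token) * pow(r, e, N)) % N
    signed = agency.sign_blinded(person_id, e, blinded)
    return token, (signed * pow(r, -1, N)) % N    # unblind: h(token)^d mod N

def verify(e: int, cred) -> bool:
    token, sig = cred
    return pow(sig, e, N) == h(token)

def shows_distinct_people(e: int, cred_a, cred_b) -> bool:
    """Both credentials verify under the same exponent and are not the same one."""
    return verify(e, cred_a) and verify(e, cred_b) and cred_a != cred_b
```

The check only establishes that two different agency-issued credentials were shown for the same exponent; the agency sees neither the token nor the unblinded signature, so it cannot link a shown credential to the person it was issued to.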
On Tue, 21 Nov 1995 s1113645@tesla.cc.uottawa.ca wrote:
I had an idea for an advertising based net-payment scheme that has a particular security flaw making it totally untrustworthy unless it is possible to prove that you are not a particular person (the publisher receiving the ad money) when consuming (viewing or otherwise) the ads.
What is this system? I can't think of any system that wouldn't work if rearranged so that instead of proving you aren't Bob, you simply don't prove that you are. It is true that they are not isomorphic, and that could be a problem in some situations, but I don't see this as one of them.

david
--------
David_Scheidt@math.earlham.edu
yip yip yip yap yap yak yap yip *BANG* -- no terrier
On Tue, 21 Nov 1995, David Scheidt wrote:
What is this system? I can't think of any system that wouldn't work if rearranged so that instead of proving you aren't Bob, you simply don't prove that you are. It is true that they are not isomorphic, and that could be a problem in some situations, but I don't see this as one of them.
Hal and Futplex pretty much described it. I figured a proof of non-identity (if possible) would have saved one hell of a lot of messy authentication in those cases when there is only one possible cheater (due to economic incentives) with many possible pseudonyms (or friends).
s1113645@tesla.cc.uottawa.ca writes:
I had an idea for an advertising based net-payment scheme that has a particular security flaw making it totally untrustworthy unless it is possible to prove that you are not a particular person (the publisher receiving the ad money) when consuming (viewing or otherwise) the ads.
david writes:
What is this system? I can't think of any system that wouldn't work if rearranged so that instead of proving you aren't Bob, you simply don't prove that you are. It is true that they are not isomorphic, and that could be a problem in some situations, but I don't see this as one of them.
I don't know what particular scheme s1113645 has in mind. But as you point out, not proving P is very different from proving not-P.

Generally, a scheme that charges for advertising based upon the measured number of accesses to the advertising has the kind of authentication problem mentioned above. The party paying for the advertising only wants to pay to reach "legitimate" customers. A dishonest publisher (selling ad space) could access the advertising many times herself to artificially inflate the access figures, justifying higher advertising charges. To avoid paying for this "illegitimate" traffic, the advertiser would like to authenticate the accesses as *not* coming from the untrusted publisher.

This is a hard problem in general, because the advertiser really wants to discount accesses by the publisher, her agents, her family, her friends, etc. It's tough to prove that you're not working for someone else at a formal protocol level.

(Note that widespread "legitimate" anonymous accesses of material can severely damage the reliability of these kinds of measurement-based payment schemes.)

I think this thread is rapidly straying from cpunks relevance....

-Futplex <futplex@pseudonym.com>
On Tue, 21 Nov 1995 s1113645@tesla.cc.uottawa.ca wrote:
I had an idea for an advertising based net-payment scheme that has a particular security flaw making it totally untrustworthy unless it is possible to prove that you are not a particular person (the publisher receiving the ad money) when consuming (viewing or otherwise) the ads.
Obvious approach probably makes the rest of the protocol useless but... If you force everything to be signed using keys corresponding to certificates issued by a trusted agency, that CA can be used to guarantee the inequality.
participants (5)
- David Scheidt
- futplex@pseudonym.com
- Hal
- s1113645@tesla.cc.uottawa.ca
- Simon Spero