Re: Whoa, now... (was Re: Digital Cash)
:From: "James G. Speth" <december@end.end.com>
:In fact, he began this thread by citing someone who was talking about using
:an obscured algorithm to prevent digital cash double spending. (ie. If you
:can't get to the algorithm, you can't cheat the system.) His comments were
:on the dangers of relying on this.
:That's the point. Mikolaj was _never_ referring to cryptographic security.
:He was pointing out how security through obscuring algorithms can never be
:considered reliable.

Oh, well if that's what he meant, we agree completely. I thought he was saying his el33t hackerdoodz buddies could break the crypto part of ecash.

By the way, the reason I've never discussed the ecash threads on this group is because it was obvious right from the start that double-spending makes the schemes unworkable, and that only a central reference authority could patch the system to make it work, which (in my seldom humble opinion) entirely negates the point of these schemes.

My suspicion is that anonymous ecash can only be made to work if giving the tokens to someone else is a destructive operation - the way core memory (I'm probably one of the few people on this group who've had to worry about stuff like this :-) ) used to be erased when read. Except that these days, the destructive read would have to be something secured by the laws of physics, like say a quantum state being trashed by virtue of being observed. (The way secure quantum comms works - if we had something akin to a quantum delay line in a card, maybe that would work.) However, the technology to do that sort of stuff is probably centuries off.

G
:From: "James G. Speth" <december@end.end.com>
:In fact, he began this thread by citing someone who was talking about using
:an obscured algorithm to prevent digital cash double spending. (ie. If you
:can't get to the algorithm, you can't cheat the system.) His comments were
:on the dangers of relying on this.
If I may make a small correction here, I suggested a tamperproof software module could be used in an offline system to process transactions in a way which prevented "ANONYMOUS double spending". This is not the same as preventing double spending, although in a system where reputations matter, it has a certain deterrent effect.
:That's the point. Mikolaj was _never_ referring to cryptographic security.
:He was pointing out how security through obscuring algorithms can never be
:considered reliable.

Obscuring the operation of an algorithm inside a tamperproof module isn't security through obscurity any more than obscuring plaintext by encipherment is security through obscurity.

--
Mike Duvos         $    PGP 2.3a Public Key available     $
mpd@netcom.com     $    via Finger.                       $
:If I may make a small correction here, I suggested a tamperproof software
:module could be used in an offline system to process transactions in a way
:which prevented "ANONYMOUS double spending". This is not the same as
:preventing double spending, although in a system where reputations matter,
:it has a certain deterrent effect.
:
::That's the point. Mikolaj was _never_ referring to cryptographic security.
::He was pointing out how security through obscuring algorithms can never be
::considered reliable.
:
:Obscuring the operation of an algorithm inside a tamperproof module isn't
:security through obscurity any more than obscuring plaintext by encipherment
:is security through obscurity.
OK, just to go and match the pattern of misunderstandings in this thread, I'd appreciate it if you posted a detailed version of your plan (sorry if you've done it before, but the 'd' key and I are old friends...oops), as I probably just read the bit that leapt out at me and ignored the rest. Then I'll try to punch a few holes in it... :)

MJH
* Mikolaj J. Habryn    dichro@tartarus.uwa.edu.au
* "Life begins at '040."    PGP Public key available by finger
* "Spaghetti code means job security!"
Graham Toal writes:
:By the way, the reason I've never discussed the ecash threads on this group
:is because it was obvious right from the start that double-spending makes
:the schemes unworkable, and that only a central reference authority could
:patch the system to make it work, which (in my seldom humble opinion)
:entirely negates the point of these schemes.
Nope, not "entirely." Anonymity is still preserved, through the "blinding" operation, even when a clearinghouse approach is used. That is, the bank can assure itself that it issued the original note, even though the note presented to it cannot be correlated to the issued note. This is the breakthrough Chaum and others achieved. Anonymity (or untraceability by Big Brother and Big Mother) is achieved, which is the major point of digital money. The possible need for online clearing is not a fatal flaw.

A good place to read about this is the November 1985 "Communications of the ACM" journal, in Chaum's cover article "Transaction Systems to Make Big Brother Obsolete." (Chaum has updated the article since, and newer versions can be found in various places.)

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."
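The blinding-plus-online-clearing arrangement Tim May describes (and the central clearing that Graham Toal objects to), as an added toy example that is not from anyone in this thread: the bank signs a blinded serial number, later verifies its own signature on the unblinded note without being able to match it to anything it recorded at withdrawal, and rejects the second deposit of the same serial. Textbook RSA with tiny constructed primes (p=61, q=53, e=17) and the constructed serial 1234 and blinding factor 7; a real scheme would sign a hash of the serial and use full-size keys.

```python
# Toy RSA blind signature with an online clearinghouse (constructed example).
# Textbook RSA on tiny primes: only the mechanics matter here, not security.
from math import gcd

class Bank:
    """Issues blind signatures at withdrawal and clears notes online."""
    def __init__(self, p=61, q=53, e=17):
        self.n, self.e = p * q, e
        self.d = pow(e, -1, (p - 1) * (q - 1))   # private signing exponent
        self.issued = []      # blinded values seen at withdrawal (all the bank ever sees)
        self.spent = set()    # serial numbers already cleared

    def sign_blinded(self, blinded):
        # The bank signs whatever it is handed; the true serial stays hidden by r.
        self.issued.append(blinded)
        return pow(blinded, self.d, self.n)

    def deposit(self, serial, sig):
        """Online clearing: a valid note is honoured once; a replay is refused."""
        if pow(sig, self.e, self.n) != serial:
            return "forged"            # not the bank's signature on this serial
        if serial in self.spent:
            return "double-spend"      # same serial presented a second time
        self.spent.add(serial)
        return "accepted"

def withdraw(bank, serial, r):
    """Payer side: blind the serial, have it signed, unblind the signature."""
    assert gcd(r, bank.n) == 1                      # r must be invertible mod n
    blinded = (serial * pow(r, bank.e, bank.n)) % bank.n
    blind_sig = bank.sign_blinded(blinded)          # (serial * r^e)^d = serial^d * r
    sig = (blind_sig * pow(r, -1, bank.n)) % bank.n # strip r to get serial^d
    return serial, sig

def demo():
    bank = Bank()
    serial, sig = withdraw(bank, 1234, 7)           # constructed serial and r
    # Neither the serial nor the signature the merchant presents appears in
    # the bank's withdrawal records, so the note cannot be linked to the payer.
    unlinkable = serial not in bank.issued and sig not in bank.issued
    results = [bank.deposit(serial, sig), bank.deposit(serial, sig)]
    return unlinkable, results

if __name__ == "__main__":
    print(demo())   # (True, ['accepted', 'double-spend'])
```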