Magic Money -> Chaum Cash
-----BEGIN PGP SIGNED MESSAGE----- Ok, let's try this one more time... Based on Eric's long and mathematical explanation, which I did not fully understand and was therefore convinced by, I have changed the program to use full Chaum cash. It takes the 16-byte random number, takes its MD5, and stores the MD5 in the coin. The coin is now a triple (id,e,mpi) and the bank never sees id when blind-signing the coin, thus preserving anonymity. I sent this new version to csn.org as mgmny10c.zip. I haven't had a chance to update the manual or the comments in the code, but it does seem to work. At least, I was able to mint coins and cycle them through the server a few times, so the basic coin cycle seems to work. Please check it out, on machines of both endians, and let me know what happens. Pr0duct Cypher -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLVdfXcGoFIWXVYodAQExBQQAlAOtfHApmQlmj1bk2kdBEg+Rst0I4CcB vIoxQ/iXiAS5c9fGdl5WNWpBk5TYCQSHm3jyzAoYaeLwJ4XsgnH5WbvB+UeRzwJX VatnTUK7x7wZMtIBAAaaPGX2woosns83bnXMa5voKkiYeESFFLgU5Dw5zw24xFas 1fkwlBSnyRA= =L9Ei -----END PGP SIGNATURE-----
Based on Eric's long and mathematical explanation, which I did not fully understand and was therefore convinced by,
An example of reputation-based proof by obscurity. I hope the main point came out, though. There are lots of parameters to pick from, and therefore lots of attacks can be contemplated.
I have changed the program to use full Chaum cash.
Be careful when you say this. Chaum has worked on lots of cash protocols. Better to say that you're now using a non-multiplicative signature. Eric
participants (2)
-
hughes@ah.com -
nobody@shell.portal.com