Chaum criticism
Hal Finney writes:
... I think that Chaum has gone off in the wrong direction in the last few years [by] concentrating on protocols which rely on a tamper-proof, hardware ... "observer"... chip ... etc.
Amen.
... it seems that many of the papers out of his group are designed to explore observer-based protocols.
I am trying to read and understand the Niels Ferguson "Off-line Coins" article, the "Efficient Off-line Digital Cash" paper also from CWI and the Netcash paper. Were you the one critical of the Netcash paper because it didn't offer unconditional untraceability? Do the papers I just listed require observer chips, or are they OK for software-only?
This means that these ideas are not useful for software-only implementations. One of the (relatively few) strengths that we and the forces we represent have is that free software can be spread very far and very fast, making it hard for those opposed to privacy to successfully stop our efforts. Any technology based on special chips is going to lose these advantages.
We have PageMaker, CAD ware, someday we may have "ChipMaker" to create "chipscript" robotic control files to make our own monolithic IC's. In the short term, perhaps we can distribute shareware hardware designs using low-cost components to avoid back doors in manufactured comm gear.
... people may still feel uncomfortable about having a mechanical "conscience" in their pocket ... there have already been comparisons on sci.crypt between Chaum's observers and the Clipper chip ...
In other words, if we can't see the "source code" for the hardware design, or "compile" it ourselves, maybe we shouldn't really trust it.
I think that a realistic appraisal of the pros and cons suggests that non-observer protocols are more likely to further our ultimate goal of personal privacy.
What particular design would you like to see widely implemented now given these objections to observer chips? Is there software we can use NOW for ATM's and banks?
Kent - jkhastings@aol.com
I am trying to read and understand the Niels Ferguson "Off-line Coins" article, the "Efficient Off-line Digital Cash" paper also from CWI
Both articles, as I recall from the abstracts, exist square within the observer framework.
Do the papers I just listed require observer chips, or are they OK for software-only?
The two CWI papers do require observers and are useless for software-only implementations.
Is there software we can use NOW for ATM's and banks?
The original blind signature still works. It can still be money. That hasn't changed. Recall, though, that the blind signature is patented by Chaum in addition to also requiring the underlying RSA patent.
Eric
Eric Hughes says:
I am trying to read and understand the Niels Ferguson "Off-line Coins" article, the "Efficient Off-line Digital Cash" paper also from CWI
Both articles, as I recall from the abstracts, exist square within the observer framework.
I think I have a scheme for real off-line payments, that is, payments that do not require an observer at the time of transaction (although they would require a couple of on line transactions in advance). They would require that people conduct transactions in a style that they are not used to, but would require no trust and would allow full anonymity of parties. Unfortunately, I don't know enough about the mathematics of Chaum's blinding schemes to know if the scheme I have in mind (which depends on his scheme) would work. Could someone point me at a reference or two on Chaum's original work? The mathematics associated with blinding is, sadly, something that I haven't spent sufficient time on.
Perry
participants (3): hughes@ah.com, Kent Hastings, Perry E. Metzger