Digicash question

Matthew J Ghio mg5n+ at andrew.cmu.edu
Mon Dec 6 15:25:54 PST 1993


A newbie, bdolan <71431.2564 at CompuServe.COM> timidly asked:

> X gives $101 to First Digital Bank, which gives X a PGP-signed
> password representing a claim on $100 (or maybe they would do
> this just for the "float").  X gives the $100 password to Y, in
> exchange for a narco-terrorism decoder ring.  Y, being a cautious
> soul, calls First DigiBank immediately and gives it the password.
> DigiBank pockets $1 and issues Y a new signed password good
> for $99.  Note that DigiBank (1) doesn't need to know who Y
> is and (2) ensures that a given money-password is only spent
> once.  By the same method, Y can pay Z and Z can deposit the
> credit in BillnHill's S&L for settlement.  Or the money can keep
> floating around until DigiBank gets it all, which is what
> usually happens now ;-)

Well, it could work that way.  The only thing that I see being a problem
is that you're using public-key crypto when you don't really need to. 
This allows the bank to associate a public key with an identity.  (which
is what Derek Atkins <warlord at MIT.EDU> said.)  But, basically, you could
simplify the system to this: X has a password which is worth $100 in
cash from FDB.  X gives the password to Y.  Y then calls the bank and
changes the password to whatever he wants.  Y now has $100 digital money
(minus the bank's transaction fee).  The bank has no way of knowing who
gave them the new password.  (You could also have the bank generate
random passwords, and give them to the client.)  Notice that no public
keys (and no identification) is used.  The only need for public keys in
such a situation would be to establish a secure transmission channel; in
which case, someone could make up a random keypair, make a transaction
with the bank and then discard the private key - the money would be
identified by the secret password.
The only other thing to point out, is that each digital
coin/token/denomination must have its own password - what if he only
wanted to spend $57 and not $100?  So each dollar would have to be
seperate; to spend $100, X would have to give Y 100 seperate passwords. 
Unless, of course, you have digicoins of different denominations, but
then you have to have correct change.

Of course, you are still left with the the problem of needing to trust
the bank. :(

Good point about the bank taking its cut - I think we need to come up
with a fair system for dealing with that...


P.S. I'm glad to see some people on this list still want to talk about
real crypto, instead of, ahem, other distractions...



More information about the cypherpunks-legacy mailing list