Cash, cheaters, and anonymity

Linn Stanton lstanton at sten.lehman.com
Fri Aug 26 07:20:44 PDT 1994


tcmay at localhost.netcom.com (Timothy C. May) writes:
  > **The purist approach: you *are* your key. If another biological unit
  > obtains your key, he or she is effectively you. Guard your key carefully.
  > 
  > **The modern American "excuse" approach: Hey, if you want to disavow a
  > contract, like, just claim your key was stolen or, like, you lost it.
  > 
  > I understand the reasoning behind adopting a more intermediate stance, but
  > I think that only the purist stance will hold water in the long run.(A hint
  > of this: untraceable cash means, for most transactions of interest with
  > digital cash, that once the crypto stuff has been handled, whether the sig
  > was stolen or not is moot, because the money is gone...no court can rule
  > that the sig was invalid and then retrieve the cash!)

I would love the purist stance, except that it is untenable. Every security
system is breakable, if enough effort, money, and professionalism are involved.
We should never kid ourselves about this. One time pads are provably secure,
but someone can still break in and physically steal your plaintext, or steal
you and bring out the rubber hoses...
If crypto does become widespread, then it will be used in situations where
the value of the key justifies considerable effort and expense to steal it,
and it will happen. There must always be a mechanism to deal with repudiation.

As to your later point about mootness, I would not be comfortable saying that
there are limits to what a court will attempt to coerce cooperation.

  > * Plan A: The protocol insists on retinal scan or other biometric
  > authentication between the "smartcard" used as the cryptographic keying

This is just a second private key, and no more immune to forgery or theft by
a professional.





More information about the cypherpunks-legacy mailing list