your favorite protocols

Greg Broiles gbroiles at netbox.com
Fri Dec 29 11:16:34 PST 2000 

On Fri, Dec 29, 2000 at 06:17:07AM -0500, dmolnar wrote:
> "Distribution Chain Security"
> M. Franklin and G. Durfee
> ACM CCS 2000
> http://citeseer.nj.nec.com/332962.html
> 
> It's actually a not-bad example of how a "standard" crypto component is
> taken and then tweaked for use in a particular protocol. The standard
> component is a homomorphic commitment scheme designed by Cramer and
> Damg*rd and published in 1998. This paper shows how to use it to prove a
> series of contracts satisfies certain relations w/o revealing the
> contracts - and then adds a method to make the particular relations they
> care about more efficient. 

I realize that the original citation was meant as an example of the
difficulty of reaching crypto standards, but this "smart contracts"
crap is really sticking in my throat this week. 

It's really unfortunate that the crypto community seems determined to
take words which have relatively specific and nuanced legal definitions
and overload them with cartoonish definitions - the math tricks described
therein are interesting, but bear no relationship to contracts as 
lawyers and courts understand that term. The behavior described is 
closer to licensing, but is unlikely to create an actual license without
careful attention.

The citations to support the authors' claims that "Systems to enforce
digital contracts are already in place or will be available soon" are
to three websites for CPRM-ish schemes -
Xerox' "ContentGuard" at <http://www.contentguard.com>,
Intertrust at <http://www.intertrust.com>,
and SDMI, brainchild of the RIAA, at <http://www.sdmi.org>,
and a print citation to an article by Mark Stefik (the
person behind the Xerox and Intertrust copy protection schemes) 
entitled "The Bit and the Pendulum: Balancing the Interests of
Stakeholders in Digital Publishing". (I'm not kidding. Those
URL's - without links to specific documents - are the references
which support the authors' claims about the feasibility of 
enforceable digital contracts.)

One can guess exactly how "balanced" the outcome is likely to be
where one stakeholder gets to design and implement (without
reverse engineering, thanks to the DMCA) the technical apparatus
which will be used to "enforce" the "contracts" between the
parties. Stefik's reference to Poe's torture apparatus is
perhaps more apropos than he intended.

--
Greg Broiles gbroiles at netbox.com
PO Box 897
Oakland CA 94604

More information about the cypherpunks-legacy mailing list