Thanks for the living hell, and question about OpenSSL
Tim May
timcmay at got.net
Fri Apr 25 12:58:02 PDT 2003
On Friday, April 25, 2003, at 11:20 AM, Patrick Chkoreff wrote:
> Sincere thanks to everyone for the living hell I went through
> yesterday.
>
> I do understand the rationale for blinding now. The math was never the
> problem. I was mistakenly thinking that because my sacred code did not
> in fact record any IP-based transmission logs, users were safe as far
> as anonymity and privacy were concerned. What I missed was that if
> someone put a gun to my head and said "Put in some code to keep
> transmission logs and don't tell anybody or I'll kill your family," I
> would in fact obey and the security of the system would be compromised
> without anyone knowing. As RAH says, force monopolies are a bitch.
More importantly, if there is any way for you to track digital money,
then whether you _claim_ to be "not recording" or not is irrelevant.
Without blinding (or similar), a system is just another "trust me"
system.
And "trust me" systems are not interesting.
Not meaning to sound too harsh, but you need to think deeply about what
cryptography is all about and why "trust me, I promise not to look"
systems are not desirable or interesting.
(The cipher equivalent of your "because my sacred code did not in fact
record any IP-based transmission logs" is just the usual central key
server example: "Digital Datawhack generates keys for its customers but
does not in fact record them." Yeah, right.)
--Tim May
"A democracy cannot exist as a permanent form of government. It can
only exist until the voters discover that they can vote themselves
money from the Public Treasury. From that moment on, the majority
always votes for the candidate promising the most benefits from the
Public Treasury with the result that a democracy always collapses over
loose fiscal policy always followed by dictatorship." --Alexander
Fraser Tyler
More information about the cypherpunks-legacy
mailing list