[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Single Value Pseudonyms

To: [email protected]
Subject: Re: Single Value Pseudonyms
From: Karl Lui Barrus <[email protected]>
Date: Sun, 3 Oct 1993 21:00:24 -0500 (CDT)

> Karl Barrus posted this, and I've been meaning to respond to it.
> Basically  Karl's scheme doesn't work.  With any cut-and-choose
> protocol, there must be some assurance that the two things offered

What?  It doesn't work?  Care to elaborate?

I mean, a person can satisfy to any degree desired that the last
unblinded document is of a particular value.

I agree that it becomes real expensive to do so, and for digital
banking purposes, there are several alternatives: 1) all cash is of
same denomination, 2) different exponents for different
denominations, 3) different keys for different denominations.

I think I mentioned the application towards digital cash is a bit
forced because of the above.  The real point is in avoiding signing
a blinded document that is later unblinded to reveal something
undesirable, in which case the signature and the document signed
have value.  The application of cut-and-choose I described applies
best when for some reason (poor choices of the bank?) the document
itself contains value, like the denomination it represents.

-- 
Karl L. Barrus: [email protected]         
keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5  3D F3 93 7E 81 B5 CC 32 

"One man's mnemonic is another man's cryptography" 
  - my compilers prof discussing file naming in public directories

Prev by Date: Re: NPR?
Next by Date: Re: PGP in Fidonet
Prev by thread: Single Value Pseudonyms
Next by thread: Re: FIDOnet encryption (or lack thereof)
Index(es):
- Date
- Thread