[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Voice/Fax Checks



> [email protected] writes:
> 
> >On a more important note, I believe that in one of the papers on my to-read
> >list for this weeked, Chaum demonstrates that e-cash can not be transferable
> >unless it grows bigger. Otherwise you have to give it back to the bank and
> >get a new one each time it is used. Given this, I think that it is highly
> >desireable for us to accept the increasing size of the e-cash and maintain
> >its transferability.
> 
> I had the impression from that paper that with transferred ecash, a person
> earlier on the trail could always recognize the cash even at a later point.
> This followed, Chaum claimed, from the need to detect double-spending.
> I'd be interested to hear whether you get this from that paper as well.

Well I've skimmed the paper because this is non-intuitive to me, and I'm
impressed by the level of security that Chaum requires from his protocols.
He treats the absolutely impossible and the computationally infeasible
seperately. Determining whether the coin is one of yours falls into the
second category. In order to determine whether you have used a coin
previously (in a maximally secure scheme) you need the bank's secret key.
So you just wind up your 4096 bit number factoring machine, dump in the
modulus, and presto, out come your factors from which you compute the
secret key.

Now I don't know about you, but if I had the bank's key, figuring out
if I've seen a digital coin before is NOT the first thing I would do.

JWS