[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Destroying client/server model, anonymous broadcasting.
At 08:42 AM 8/5/96 -0400, you wrote:
>Getting back to the Dining Crypto Problem, is it possible to complete a
>round by passing information around the circle of participants (each
>individual communicates and maintains a connection with the person on the
>left and right) rather than sending the round results to everyone via a
>central server that everyone is connected to? In effect no one would be a
>server, or everyone would be a server depending on the way you look at it.
>A circular linked list would be maintained and kept in sync by every
>client so that error recovery could come into play if someone mysteriously
>disconnects. Could it work? How would the protocol differ.
There's an obvious simple way to do this which appears to be slightly wrong.
Somebody (assume it's Alice) announces a round "This is round N, size S
bytes, value vvvv....", everybody who receives it does their calculations,
XORs them in with the data, and passes it on. Once it gets all the way
around (and Alice xors in her real number xor the nonce she started with),
it goes around again so everybody can see the message.
The catch is that two players can collude to monitor the player between them.
Since Eve knows what data she passed (Dr.) Fred, and their random numbers,
and Gorby knows what Fred passed him, and their random numbers,
they can tell whether Fred added any data of his own. With a server-based
system, on the other hand, collusion that Eve and Gorby also find out
Fred's output, either by eavesdropping or colluding with the server.
(Hmmm - I suppose this also happens with Chaum's NSA dinner? The example
essentially used broadcast to exchange all the users' contributions.)
Also, to set up a DCnet, you almost need a server of some sort to coordinate
who talks to whom.
# Thanks; Bill
# Bill Stewart, +1-415-442-2215 [email protected]
# <A HREF="http://idiom.com/~wcs"> Defuse Authority!