[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Cash, cheaters, and anonymity
I don't have time to write much now, but lots of good points have been
made. I'll just toss out the other main idea for handling offline cash,
which is Chaum's "Observer". The Observer is a tamper-proof device that
sits inside (or plugs into) your computer, smart card, or PDA, and makes
sure that you don't double spend. In fact, it is impossible to double
spend because the Observer has to participate in every transaction. Yet
Chaum has designed the protocols such that the Observer learns nothing
about who you are or where you are spending.
The technical requirements of the Observer in Brands' scheme are that it
store 146 bytes plus 18 bytes per coin, and be able to do the discrete
log signature, which basically requires 512-bit multi-precision
arithmetic. And it has to be tamper-proof. At one time I was skeptical
about that but we see with Clipper that the NSA appears to be confident
that data can be protected in tamper-proof modules.
With Observers you can have off-line cash that is as secure as on-line
but without the costs of on-line validation. As a vendor, which would
you rather accept: off-line cash where you rely on legal sanctions to
track down cheaters; on-line cash where you call the bank and verify it
for every transaction; or off-line cash where you can validate it right
there locally without checking with any bank? Depending on the costs
which the Observer adds to the digital wallet, that latter choice might
be the most attractive.
Hal