[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Identity Agnostic Online Cash

An early draft of a paper based on my comments at the Crypto '95
rump session is available at:


Here's the abstract:

Abstract: One of the unique aspects of Chaum's blind signature
scheme for anonymous transactions is that it is practiced entirely
by the side that wants to be anonymous. In a customer-bank
relationship, the customer's software practices the technology, not
the bank's. Chaum's patent on blind signatures cites as prior art a
non-anonymous signature scheme that differs significantly only in
steps taken by the "customer" side. An open standard for
electronic cash would then allow a bank or other cash issuer to
remain agnostic with respect to customer's software blinding or
not blinding. Since the bank's software would be practicing
technology cited as prior art by Chaum in his patent, and would
have a substantial non-infringing use, I argue that the bank would
not need to license Chaum's patents, provided the bank itself only
provided non-blinding customer software.

Here's a review of the talk by Hal Finney... :-)

One of the more interesting talks I thought was from cypherpunk Doug
Barnes, on "identity agnostic" electronic cash.  This is basically an
idea for creating a Magic-Money-type electronic cash server without
violating Chaum's cash patent.  What you do is to run the server and
publish a spec it will follow.  All the server does is do an RSA
signature on the raw data it receives and decrement the user's account
accordingly.  The user has a choice of doing blinding or not on the

Chaum's patent covers the blinding, so if the user wants to do that he
should be sure to license the patent or live somewhere it doesn't apply
(or ignore it if he figures he's too small potatoes for them to care
about).  But the server isn't responsible for checking all this.  It just
does RSA sigs, which is prior art as far as Chaum's patent goes.  Users
can blind or not, it doesn't care.  It is "identity agnostic" as Doug

The implication is that with an RSA license you could run this kind of
bank (online cash) and ignore Chaum's patents, while a horde of end users
violate the patents but take safety in numbers and get anonymity.
Lawyers like to go after big targets but the servers aren't violating