[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: digital cash and identity disclosure



At 08:53 AM 10/20/95 -0700, [email protected] wrote:
>> I don't understand how this could happen? The two coins are identical
>> (as I understood it from the tech backgound of ecash). what has a double-
>> spended coin what a copied single-spended coin not has?

>The process of spending a coin is not simply that of transfering data.
>There is a complicated protocol in which Alice decrypts some of the
>identity information in the coin.  

There are several approaches - in the immediate-clearing model,
you can tell if someone's spent coin 111111111111 because the bank keeps
a record of which coins have been spent and refuses to pay anybody
who tries to spend the same coin later; this almost forces you to use
on-line clearing solutions.  Chaum's blinding protocols
make it possible for the bank to sign a coin without being able to
trace it to the person withdrawing the coin, so she can spend it anonymously.

Another model uses the protocols Tom described which place a random chunk
of the spender's identity into the coin - one chunk gives away no information,
but two chunks have an extremely high probability of doing so - so you
can go prosecute the guilty double-spender later (or just debit her account
twice...)
Then there are the non-anonymous models.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, [email protected]
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---