[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Hack DigiCash: Payee Anonymity
-----BEGIN PGP SIGNED MESSAGE-----
In article <[email protected]>,
[email protected] (Name Withheld by Request) wrote:
> Well, Sameer is offering a "Hack DigiCash" promotion, in the same spirit as
> the hack Netscape and Microsoft offer. However, Chaum is a fairly
> experienced cryptographer, and I doubt that there are any major security
> flaws in the system. The trial version used RSAREF, so that code at least
> was open for your inspection. There is still the possibility of bugs
> creeping in when porting to different platforms tho...
>
> I think the most interesting hack to pursue is to eliminate the
> payee-nonanonymity problem. The current software uses the following
> protocol:
[protocol elided]
Payee anonymity will never be integrated into the protocol for political
reasons. Still, it is trivial to do this with current Ecash by setting up
a repayer site. I'll release some perl scipts doing just that as soon as
my current project is over (~2-3 weeks).
- ---
[This message has been signed by an auto-signing service. A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
iQBFAwUBMI3N1CoZzwIn1bdtAQFsNQF/ZxwblP0YIUE47oXukUuSCA0ymeVexjGc
d7AA0efbzER+xKYvjtwppTGoWG+GiNzx
=35an
-----END PGP SIGNATURE-----