[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: blind validation



Alex Strasheim writes:
[discussion and assumptions liberally elided]
> 1.   Alice initiates a transaction with Bob.  (Perhaps by asking
>      him for a file.)
> 
> 2.   Bob generates a random number and sends it back to Alice.
> 
> 3.   Alice blinds Bob's number and sends it to Trent, along with
>      proof of her validatability.
> 
> 4.   Trent checks Alice's proof, signs the blinded number, and
>      then returns it to Alice.
> 
> 5.   Alice unblinds Bob's number, then sends it to Bob.
> 
> 6.   Bob checks Trent's signature and makes sure that the number
>      he recieved matches the one he sent out.  Then Bob processes
>      Alice's transaction.
> 
> If Bob always follows this protocol, he can prove to Sam that
> he's followed the law.  Alice remains anonymous.  Alice can still
> transfer the file, but she has to give it away herself:  she
> can't give away the ability to get it directly from Bob without
> giving away the ability to prove Aliceness to Trent.  

I'm not convinced that your last point is true. It appears that the signed
Bobnet-access-number is still just a transferrable ticket. Charlie can
place an order with Bob, forward the Bobnet-access-number to Alice, wait for
Alice & Trent to do the blinding & signing tango, forward the signed Bobnet-
access-number to Bob, and get the goods from Bob.
  
Charlie can't use the signed Bobnet-access-number to prove to Trent
that he's Alice. In fact, since it's unblinded, Charlie can't even prove
that he's linked to a particular validation performed by Trent. (If Alice
foolishly gave him the blinded version too, he could show that he shares
Alice's knowledge about this validation.) 

[...]
> The main problems that I can see with this protocol are:
> 
> 1.   It's vulernable to traffic analysis.
> 2.   Sam has to trust Trent, which he may be unwilling to do.
> 3.   You can infer stuff about Alice from the kinds of requests
>      she makes of Trent.  Someone who always asks Trent for proof
>      that he's not a felon might tag himself as a person who buys
>      a lot of guns or ammunition, for example.

3. is OK as long as Alice trusts Trent. The trick is selecting a Trent
trusted by both Alice and Sam ;)

-Futplex	<[email protected]>