[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Tense visions of future imperfect

To: [email protected]
Subject: Re: Tense visions of future imperfect
From: Hal <[email protected]>
Date: Wed, 10 Apr 1996 07:33:58 -0700
Sender: [email protected]

From: [email protected] (Bill Frantz)
> >[Description of dcash counterfeiting scam, presumably done by stealing
> > the bank's public key]
> I don't see how this third scam would work in a system such as DigiCash
> which uses online clearing.  Unissued serial numbers would be refused when
> presented for clearing.

DigiCash banks do not issue serial numbers.  Serial numbers are randomly
chosen by the user when he withdraws his cash. He blinds the serial
number before presenting the cash to be signed by the bank during
withdrawal.  So the bank never sees serial numbers until they are spent.
The uniqueness of serial numbers results solely from having a large
enough random space that matches are unlikely.

What the bank does is keep a list of all spent serial numbers, not all
issued ones (since it doesn't know those).  That way it can detect double
spending.

We have had some discussions here about how banks could recognize this
kind of counterfeiting, similar to the statistical measures mentioned in
Garfinkel's scenario, and steps that could be taken.

Hal

Prev by Date: Re: No matter where you go, there they are.
Next by Date: Re: Enforcing the CDA improperly may pervert Internet architecture
Prev by thread: Re: Tense visions of future imperfect
Next by thread: Re: Tense visions of future imperfect
Index(es):
- Date
- Thread