[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bypassing the Digicash Patents



On Mon, May 05, 1997 at 03:00:09PM -0400, Ray Arachelian wrote:
> On Sun, 4 May 1997, Hal Finney wrote:
> 
> > Presumably records are kept to protect against various risks.  Without
> > that protection, you need other means to control the risk.  But if those
> > means exist and they are cheaper than record-keeping, then again even
> > without anonymity it should be cheaper to use those methods in place of
> > the records.
> 
> Records are kept for (a) tax compliance, (b) as a way of further 
> marketting spam that tracks usage/purchase patterns.  Presumably the 
> marketting weasels require this info because of their belief that doing 
> so will increase sales in the long run.

Speaking of risks, if I have several billion dollars worth of fully
anonymous, fully fungible digital cash sitting on my hard disk, how do
I protect it from loss, theft, or damage? If I encrypt it somehow, and
forget my key, I am out a lot of money.  If the disk is sitting on a 
vanilla computer of some sort, I have to worry about the security of 
the OS.  I have to worry about a disk crash destroying my fortune.  
In short, I have security concerns.

I mention this because one of the costs of cash is protecting it.  
For large sums this cost is non-trivial.  This will be true with 
digital cash as well.

One of the purposes of banks is to provide a secure storage 
infrastructure.  But if you put your ecash in a bank you damn well 
want to be sure that you can get it back, which means that the bank 
*must* have records associating your deposits with you (or your 
nym).

With computers, record keeping is cheap, but security is expensive.  
The cost of securing records is inversely related to the amount of 
public exposure -- the more people know something, the harder it is 
to alter the data.

With ecash you don't have just the abstract value of information as a 
motivation for thieves -- you have real money, and, with current 
computer security levels, an essentially open target, crypto or not.

Therefore, anonymous transactions do have costs that non-anonymous 
ones do not, and this cost differential potentially grows 
non-linearly with the amount involved.

-- 
Kent Crispin				"No reason to get excited",
[email protected]			the thief he kindly spoke...
PGP fingerprint:   B1 8B 72 ED 55 21 5E 44  61 F4 58 0F 72 10 65 55
http://songbird.com/kent/pgp_key.html