Reverse Palladium?
How secure can I make a Java sandbox from the rest of the network I'm on? Can I make it so that my network administrator can't see what I'm typing? In other words, a secure environment that's sitting on an insecure machine. And of course, there's a short term 'solution' (which will work until they catch on) and then a long-term solution (which they can't very easily stop even when they know such a thing exists). Oh, and it helps to remember that a network admin AIN'T an engineer: If Microsoft or someone hasn't built an app for it, then they can't do anything about it. -TD
Attack on Brands blind signature
eprint.iacr.org/2005/186 is an attack by Xuesheng Zhong on several blind signature schemes, including one widely discussed on the Cypherpunks mailing list back in the 1990s by Stefan Brands. The paper seems to show that it is possible for the bank/mint to recognize blind signatures (i.e. untraceable electronic cash tokens) when they are re-submitted for deposit, which is exactly what the blind signature is supposed to prevent. The math looks right although I haven't tried to look back at Brands' old work to see if it is correctly described in the new paper. CP
