I read some of the docs and ecache appears to be based on HMAC
tickets, plus mixes. The problem I see is that you have to trust the
mix. Now the documentation does mention that they anticipate 3rd
party mixes, but still you have to trust those mixes also.
And as we know from mixmaster etc., there are attacks on mixes such as
So it seems to me they would achieve much stronger anonymity, using a
blinding based ecash system such as Chaum (patent expired) or Brands.
In this way the anonymity set would be with all of the coins issued
since coin-epoch start, rather than with the mixes used. And there
would be no trust concerns as the blinding protocols dont require
trust in any servers (even the bank and merchant in collusion cant
identify a coin with its withdrawer).
On Wed, Feb 21, 2007 at 09:28:03AM -0800, Steve Schear wrote:
With the expiration of Chaum's key patents it was assumed that someone
would step up an try their hand at launching a DBC-based financial
service. Some time has passed and I'm happy to announce that this has
finally happened. Taking a cue from the lively Digital Gold Currencies,
eCache's first denomination if gold backed. Unlike Digicash's instruments,
eCache is using a mixing technique, rather than blinding, to help preserve
unlinkability. Its mint is located on a hidden server in TOR-land. More
information at: https://ffij33ewbnoeqnup.onion.meshmx.com/doc.php
Comments are invited about the technology and governance aspects that such
financial services invoke.
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]