Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-31 Thread cyphrpunk
On 10/28/05, Daniel A. Nagy [EMAIL PROTECTED] wrote: Irreversibility of transactions hinges on two features of the proposed systetm: the fundamentally irreversible nature of publishing information in the public records and the fact that in order to invalidate a secret, one needs to know it;

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-31 Thread cyphrpunk
One other point with regard to Daniel Nagy's paper at http://www.epointsystem.org/~nagydani/ICETE2005.pdf A good way to organize papers like this is to first present the desired properties of systems like yours (and optionally show that other systems fail to meet one or more of these properties);

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-31 Thread Daniel A. Nagy
On Fri, Oct 28, 2005 at 02:18:43PM -0700, cyphrpunk wrote: In particular I have concerns about the finality and irreversibility of payments, given that the issuer keeps track of each token as it progresses through the system. Whenever one token is exchanged for a new one, the issuer records

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-28 Thread cyphrpunk
On 10/25/05, Travis H. [EMAIL PROTECTED] wrote: More on topic, I recently heard about a scam involving differential reversibility between two remote payment systems. The fraudster sends you an email asking you to make a Western Union payment to a third party, and deposits the requested amount

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-26 Thread Travis H.
If you have to be that confident in your computer security to use the payment system, it's not going to have many clients. Maybe the trusted computing platform (palladium) may have something to offer after all, namely enabling naive users to use services that require confidence in their own

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-26 Thread Ian G
John Kelsey wrote: From: cyphrpunk [EMAIL PROTECTED] Digital wallets will require real security in user PCs. Still I don't see why we don't already have this problem with online banking and similar financial services. Couldn't a virus today steal people's passwords and command their banks to

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-26 Thread James A. Donald
-- Steve Schear [EMAIL PROTECTED] Yes, but unfortunately it is not clear at all that courts would find the opposite, either. If a lawsuit names the currency issuer as a defendant, which it almost certainly would, a judge might order the issuer's finances frozen or impose other measures

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-25 Thread Daniel A. Nagy
One intresting security measure protecting valuable digital assets (WM protects private keys this way) is inflating them before encryption. While it does not protect agains trojan applications, it does a surprisingly good job at reducing attacks following the key logging + file theft pattern.

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-25 Thread cyphrpunk
On 10/24/05, Steve Schear [EMAIL PROTECTED] wrote: I don't think E-gold ever held out its system as non-reversible with proper court order. All reverses I am aware happened either due to some technical problem with their system or an order from a court of competence in the matter at hand.

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-25 Thread cyphrpunk
On 10/24/05, John Kelsey [EMAIL PROTECTED] wrote: More to the point, an irreversible payment system raises big practical problems in a world full of very hard-to-secure PCs running the relevant software. One exploitable software bug, properly used, can steal an enormous amount of money in an

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-25 Thread John Kelsey
From: cyphrpunk [EMAIL PROTECTED] Sent: Oct 24, 2005 5:58 PM To: John Kelsey [EMAIL PROTECTED] Subject: Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems .. Digital wallets will require real security in user PCs. Still I don't see why we don't already have

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-25 Thread Daniel A. Nagy
On Mon, Oct 24, 2005 at 02:58:32PM -0700, cyphrpunk wrote: Digital wallets will require real security in user PCs. Still I don't see why we don't already have this problem with online banking and similar financial services. Couldn't a virus today steal people's passwords and command their

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-24 Thread R.A. Hettinga
At 11:17 AM -0700 10/21/05, someone who can't afford a vowel, Alex, ;-) expressed his anal glands thusly in my general direction: You're such an asshole. My, my. Tetchy, this morning, oh vowelless one... At 11:17 AM -0700 10/21/05, cyphrpunk wrote: This is what you characterized as a unitary

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-24 Thread cyphrpunk
On 10/22/05, Ian G [EMAIL PROTECTED] wrote: R. Hirschfeld wrote: This is not strictly correct. The payer can reveal the blinding factor, making the payment traceable. I believe Chaum deliberately chose for one-way untraceability (untraceable by the payee but not by the payer) in order

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-24 Thread John Kelsey
From: cyphrpunk [EMAIL PROTECTED] Sent: Oct 24, 2005 2:14 PM Subject: Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems On 10/22/05, Ian G [EMAIL PROTECTED] wrote: Note that e-gold, which originally sold non-reversibility as a key benefit of the system, found

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-24 Thread Steve Schear
At 11:14 AM 10/24/2005, cyphrpunk wrote: Note that e-gold, which originally sold non-reversibility as a key benefit of the system, found that this feature attracted Ponzi schemes and fraudsters of all stripes, and eventually it was forced to reverse transactions and freeze accounts. It's not

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-21 Thread R.A. Hettinga
At 10:23 PM +0200 10/20/05, Daniel A. Nagy wrote: The referred 1988 paper proposes an off-line system Please. You can just as easily do an on-line system, and still have blind signatures, including m=m=2 shared secret signature hiding to prevent double spending. In fact, the *only* viable way to

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-21 Thread Daniel A. Nagy
On Thu, Oct 20, 2005 at 07:34:34PM -0400, R.A. Hettinga wrote: At 12:32 AM +0200 10/21/05, Daniel A. Nagy wrote: Could you give us a reference to this one, please? Google is your friend, dude. Before making unitary global claims like you just did, you might consider consulting the

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-21 Thread R.A. Hettinga
At 2:36 AM +0200 10/21/05, Daniel A. Nagy wrote: With all due respect, this was unnecessarily rude, unfair and unwarranted. This is the *cypherpunks* list, guy... :-) Silvio Micali is a very prolific author and he published more than one paper on more than one exchange protocol And I just got

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-21 Thread R.A. Hettinga
At 12:32 AM +0200 10/21/05, Daniel A. Nagy wrote: Could you give us a reference to this one, please? Google is your friend, dude. Before making unitary global claims like you just did, you might consider consulting the literature. It's out there. Cheers, RAH -- - R. A.

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-21 Thread Daniel A. Nagy
On Thu, Oct 20, 2005 at 05:19:49PM -0400, R.A. Hettinga wrote: BTW, you can exchange cash for goods, or other chaumian bearer certificates -- or receipts, for that matter, with a simple exchange protocol. Micali did one for email ten years ago, for instance. Could you give us a reference to

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-21 Thread cyphrpunk
As far as the issue of receipts in Chaumian ecash, there have been a couple of approaches discussed. The simplest goes like this. If Alice will pay Bob, Bob supplies Alice with a blinded proto-coin, along with a signed statement, I will perform service X if Alice supplies me with a mint signature

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-21 Thread R. Hirschfeld
Date: Thu, 20 Oct 2005 11:31:39 -0700 From: cyphrpunk [EMAIL PROTECTED] 2. Cash payments are final. After the fact, the paying party has no means to reverse the payment. We call this property of cash transactions _irreversibility_. Certainly Chaum ecash has this property. Because

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-21 Thread Daniel A. Nagy
On Thu, Oct 20, 2005 at 03:36:54PM -0700, cyphrpunk wrote: As far as the issue of receipts in Chaumian ecash, there have been a couple of approaches discussed. The simplest goes like this. If Alice will pay Bob, Bob supplies Alice with a blinded proto-coin, along with a signed statement, I

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-21 Thread cyphrpunk
On 10/20/05, Daniel A. Nagy [EMAIL PROTECTED] wrote: On Thu, Oct 20, 2005 at 03:36:54PM -0700, cyphrpunk wrote: As far as the issue of receipts in Chaumian ecash, there have been a couple of approaches discussed. The simplest goes like this. If Alice will pay Bob, Bob supplies Alice

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-21 Thread cyphrpunk
On 10/20/05, R.A. Hettinga [EMAIL PROTECTED] wrote: At 12:32 AM +0200 10/21/05, Daniel A. Nagy wrote: Could you give us a reference to this one, please? Google is your friend, dude. Before making unitary global claims like you just did, you might consider consulting the literature. It's out

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-20 Thread cyphrpunk
On 10/19/05, Daniel A. Nagy [EMAIL PROTECTED] wrote: http://www.epointsystem.org/~nagydani/ICETE2005.pdf Note that nowhere in my paper did I imply that the issuer is a bank (the only mentioning of a bank in the paper is in an analogy). This is because I am strongly convinced that banks

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-20 Thread Ian G
cyphrpunk wrote: If this is the model, my concern is that in practice it will often be the case that there will be few intermediate exchanges. Particularly in the early stages of the system, there won't be that much to buy. Someone may accept epoints for payment but the first thing he will do is

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-20 Thread Daniel A. Nagy
I will provide a detailed answer a bit later, but the short answer is that anonymity and untraceability are not major selling points, as experience shows. After all, ATMs could easily record and match to the user the serial numbers of each banknote they hand out, yet, there seems to be no

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-20 Thread cyphrpunk
Let's take a look at Daniel Nagy's list of desirable features for an ecash system and see how simple, on-line Chaum ecash fares. http://www.epointsystem.org/~nagydani/ICETE2005.pdf One of the reasons, in the author s opinion, is that payment systems based on similar schemes lack some key

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-20 Thread Daniel A. Nagy
Thank you for the detailed critique! I think, we're not talking about the same Chaumian cash. The referred 1988 paper proposes an off-line system, where double spending compromises anonymity and results in transaction reversal. I agree with you that it was a mistake on my part to deny its

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-20 Thread David Alexander Molnar
On Thu, 20 Oct 2005, cyphrpunk wrote: system without excessive complications. Only the fifth point, the ability for outsiders to monitor the amount of cash in circulation, is not satisfied. But even then, the ecash mint software, and procedures and controls followed by the issuer, could be

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-19 Thread cyphrpunk
Just presented at ICETE2005 by Daniel Nagy: http://www.epointsystem.org/~nagydani/ICETE2005.pdf Abstract. In present paper a novel approach to on-line payment is presented that tackles some issues of digital cash that have, in the author s opinion, contributed to the fact that despite

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-19 Thread Daniel A. Nagy
On Tue, Oct 18, 2005 at 11:27:53PM -0700, cyphrpunk wrote: Just presented at ICETE2005 by Daniel Nagy: http://www.epointsystem.org/~nagydani/ICETE2005.pdf This is a thorough and careful paper but the system has no blinding and so payments are traceable and linkable. The standard