[3661] in WWW Security List Archive
Re: anonymous e-cash
daemon@ATHENA.MIT.EDU (Hiroki UEDA)
Tue Dec 3 08:45:08 1996
To: diane.ellison@asu.edu, dyann@ix.netcom.com
Cc: www-security@ns2.rutgers.edu
From: Hiroki UEDA <ueda@isl.ntt.co.jp>
In-Reply-To: Your message of "Mon, 02 Dec 1996 22:39:16 -0700"
Date: Tue, 03 Dec 1996 20:34:51 JST
Errors-To: owner-www-security@ns2.rutgers.edu
Diane,
>>>>> On Mon, 02 Dec 1996 22:39:16 -0700, Diane Ellison <dyann@ix.netcom.com> said:
> QUESTION: How can a sender be totally anonymous to the receiver,
> especially when the receiver needs to return a response? The
> "note" can be disguised with blinding, but how can the sender's
> IP address be disguised?
Of course the receiver knows the sender's IP address.
"Totally anonymous" means that the receiver can't know the sender's
name from the information which was given by an e-cash protocol.
To know the name and to know the IP address are different.
Indeed, the receiver may have other information from cgi-script and so on,
so the receiver may be able to know that the sender's name.
But the important point is that the receiver can't know the sender's name
from the e-cash data. So if the receiver sends this e-cash to
another receiver(say, X) then X can't know the original sender's name
(and the receiver's name) from the e-cash data. If the receiver
sends an EXTRA data, the original sender's name, with the e-cash to X,
then X may know about it. But I believe no one will use such a verbose and
useless protocol.
Regards,
-- Hiroki UEDA
-- NTT Information and Communication Systems Laboratories
-- Internet: ueda@isl.ntt.co.jp / PEH02134@niftyserve.or.jp
-- Je le vois, mais je ne le crois pas!
