[3665] in WWW Security List Archive
RE: anonymous e-cash
daemon@ATHENA.MIT.EDU (Davidson, Clyde)
Tue Dec 3 14:46:58 1996
Date: Tue, 3 Dec 1996 11:45:00 -0600
From: "Davidson, Clyde" <CDAVIDSO@IS.NMH.NMH.ORG>
To: "diane.ellison" <diane.ellison@asu.edu>, dyann <dyann@ix.netcom.com>,
Hiroki UEDA <ueda@isl.ntt.co.jp>
Cc: www-security <www-security@ns2.rutgers.edu>
Errors-To: owner-www-security@ns2.rutgers.edu
Isn't that a problem? Since IP addresses are associated with a device and
NOT a name, it would seem that you could only verify the transmission of
the transaction. You couldn't verify the user.
Then again, maybe we don't care who is giving us cash.
Clyde Davidson
Data Security Coordinator
NMH
----------
From: Hiroki UEDA[SMTP:ueda@isl.ntt.co.jp]
Sent: Tuesday, December 03, 1996 11:34 AM
To: diane.ellison; dyann
Cc: www-security
Subject: Re: anonymous e-cash
Diane,
>>>>> On Mon, 02 Dec 1996 22:39:16 -0700, Diane Ellison
<dyann@ix.netcom.com>
said:
> QUESTION: How can a sender be totally anonymous to the receiver,
> especially when the receiver needs to return a response? The
> "note" can be disguised with blinding, but how can the sender's
> IP address be disguised?
Of course the receiver knows the sender's IP address.
"Totally anonymous" means that the receiver can't know the sender's
name from the information which was given by an e-cash protocol.
To know the name and to know the IP address are different.
Indeed, the receiver may have other information from cgi-script and so
on,
so the receiver may be able to know that the sender's name.
But the important point is that the receiver can't know the sender's name
from the e-cash data. So if the receiver sends this e-cash to
another receiver(say, X) then X can't know the original sender's name
(and the receiver's name) from the e-cash data. If the receiver
sends an EXTRA data, the original sender's name, with the e-cash to X,
then X may know about it. But I believe no one will use such a verbose
and
useless protocol.
Regards,
-- Hiroki UEDA
-- NTT Information and Communication Systems Laboratories
-- Internet: ueda@isl.ntt.co.jp / PEH02134@niftyserve.or.jp
-- Je le vois, mais je ne le crois pas!
