crypto question - using crypto to protect financial transactions

[Amir Herzberg]

I understand the goal of allowing secure and anonymous financial
transactions via the Net. I'm personally very interetested in this,
although I must admit I am also a bit concerned about the social
implications if this becomes a reality (or when it does, since I believe
it eventually will). What I'm concerned about is tax avoidance, esp. by
wealthy individuals and companies. Nobody likes taxation (at least
personally :-), but it is still the basis for operation of states - and
while changes may be good, they are also risky. 

Anyway, forgetting for a moment the question of should we do it, let's
focus on the question of how we do it :-) 

I looked up Andrew's site, and actually there're not too many details
there (yet?). I think his initial focus and question was on the issue of
whether one can trust one's public key to the financial server, and his
answer seems to be, you can if you split the key between several servers
using thershold or proactive signatures (proactive schemes allow
recovery from penetrations of servers - and btw, this is an area
deserving more implmentation efforts, beyond what we did in IBM). 

I think there may be even more critical hurdles for successful financial
crypto services. A very important one is interoperability between
different financial service providers (the companies that keep your
money... E.g. banks). Most crypto-financial efforts so far focused on a
centralized model - one bank - and that's much easier to design, but
very hard to succeed. I've done some work on secure interoperability
among providers - it was actually the main feature of IBM Micro
Payments. IBM have also applied for patent for some of the ideas. 

Another important issue is the automated management of trust and
reputation, allowing customers to make (automated) trust decisions on
providers of services and goods (including both financial services and
merchants). Here I agree with Andrew that for many applications,
financial transactions should not be reversible (disputed), and hence
trust and reputation becomes the main means for consumer protection. 

Regards, Amir Herzberg
See http://amir.beesites.co.il/book.html  for lectures and
draft-chapters from book-in-progress, `secure communication and commerce
using cryptography`; feedback welcome!
 



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com